enable IPFIREWALL_DEFAULT_TO_ACCEPT for GENERIC kernel
Michael Powell
nightrecon at verizon.net
Mon Jun 15 08:37:37 UTC 2009
subbsd wrote:
> Hello maillist,
>
> Whether there is a way for booting GENERIC kernel with
> ipfw_load="YES"
>
> and
>
> 65535 allow ip from any to any
>
> rules without recompile kernel with options IPFIREWALL_DEFAULT_TO_ACCEPT ?
>
> This is single options who force me customize my own kernel with freebsd-
> update.
>
In your /etc/rc.conf:
firewall_enable="YES" # Set to YES to enable firewall functionality
In addition to the above to activate include this below:
firewall_type="open"
IIRC that should do what you need. There is a list of the types and their
function commented in the /etc/rc.firewall script.
-Mike
More information about the freebsd-questions
mailing list