Things to remove from /rescue
Robert Watson
rwatson at freebsd.org
Fri Jul 18 10:07:31 PDT 2003
On Fri, 18 Jul 2003, Bosko Milekic wrote:
> On Fri, Jul 18, 2003 at 07:44:38AM -0700, Wes Peters wrote:
> [...]
> > > I believe that sysctl only affects ipfw, so people using ipfilter might
> > > still need ipf if ipfilter defaults to block as well.
> >
> > It would seem advisable to add such a sysctl for ipfilter. Any
> > objections, Darren?
>
> How about having both ipfw and ipfilter check the same sysctl 'allow
> all by default' knob?
Well, there are actually people who run with both, and you can probably
fairly easily imagine scenarios where you'd want them to be independent.
Also, you don't want management tools to be confused about which they're
twiddling.
Robert N M Watson FreeBSD Core Team, TrustedBSD Projects
robert at fledge.watson.org Network Associates Laboratories
More information about the freebsd-arch
mailing list