kldload ipfw, with IPFIREWALL_DEFAULT_TO_ACCEPT
Simon Dick
simond at irrelevant.org
Mon Jul 29 11:31:01 UTC 2013
On 29 July 2013 12:27, Karl Pielorz <kpielorz_lst at tdx.co.uk> wrote:
>
>
> --On 29 July 2013 13:02 +0200 Stefan Esser <se at freebsd.org> wrote:
>
> I guess you were looking for:
>>
>> net.inet.ip.fw.default_to_**accept="1"
>>
>> which is a tunable to be set in /boot/loader.conf ...
>>
>
> Very probably - but that's at boot time :( - Is there nothing I can do at
> kldload time to have the initial kldload give me a 'allow ip from any to
> any' rule as it loads? (thus not affecting traffic on the machine, or more
> importantly the CARP interfaces)?
>
>
My normal way is to run the kldload in screen and manually run an allow all
right afterwards
e.g.
kldload ipfw && ipfw <blah>... :)
More information about the freebsd-hackers
mailing list