bad test in /etc/rc.d/ip6fw
Sean McNeil
sean at mcneil.com
Tue Apr 3 03:17:27 UTC 2007
Hi Henrique,
> For Firewall in IPV6 enable in kernel
>
> options IPV6FIREWALL # Enable ipfirewall(4) for ipv6
> options IPV6FIREWALL_VERBOSE # Enable log's in syslogd(4)
> options IPV6FIREWALL_VERBOSE_LIMIT=100 # Set limite in syslogd in 100
> registers
> options IPV6FIREWALL_DEFAULT_TO_ACCEPT # Enable default Open Firewall
>
> And sorry my poor english :p
No problem. You miss my point, however. I have none of these in my kernel
config yet I have net.inet6.ip6.fw.enable defined. This prevents the
/etc/rc.d/ip6fw script from kldload'ing the appropriate module. So either
the code that creates the kernel parameter or the script needs to be changed
so that they work in tandem.
> Henrique Mattos
>
> 2007/4/2, Sean McNeil <sean at mcneil.com>:
>> I just noticed that ip6fw isn't loading the ip6fw kernel module because
>> my kernel somehow already has the sysctl value in it. This is
>> FreeBSD -STABLE and I have the following in my kernel:
>>
>> options INET # InterNETworking
>> options INET6 # IPv6 communications protocols
>>
>> options IPFIREWALL
>> options IPFIREWALL_FORWARD
>> options IPDIVERT
>> options DUMMYNET
>>
>> net.inet6.ip6.fw.enable managed to get in the kernel.
>>
>> Cheers,
>> Sean
>> _______________________________________________
>> freebsd-ipfw at freebsd.org mailing list
>> http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw
>> To unsubscribe, send any mail to "freebsd-ipfw-unsubscribe at freebsd.org"
>>
>
>
More information about the freebsd-ipfw
mailing list