ipwf dummynet vs. kernel NAT and firewall rules
Julian Elischer
julian at freebsd.org
Thu Mar 10 20:34:46 UTC 2016
On 10/03/2016 11:35 AM, Mark Felder wrote:
>
> On Thu, Mar 10, 2016, at 00:53, Ian Smith wrote:
>> On Wed, 9 Mar 2016 15:02:18 -0800, Don Lewis wrote:
>> > On 9 Mar, Don Lewis wrote:
>> > > On 9 Mar, Don Lewis wrote:
>> > >> On 9 Mar, Don Lewis wrote:
>> > >>> On 9 Mar, Freddie Cash wrote:
>> > >>>>
>> > >>>> ?Do you have the sysctl net.inet.ip.fw.one_pass set to 0 or 1?
>> > >>>
>> > >>> Aha, I've got it set to 1.
>>
>> I observe that in 99 cases out of 100, the default of 1 is undesired,
>> but it's too late to do anything but advise people - thanks Freddie!
>>
> Is there any reason why we shouldn't just change the default for
> 11-RELEASE?
yeah people will kill you.
firewalls don't get rewritten by mergemaster.
>
>
More information about the freebsd-ipfw
mailing list