enable IPFIREWALL_DEFAULT_TO_ACCEPT for GENERIC kernel
subbsd
subbsd at gmail.com
Mon Jun 15 08:47:44 UTC 2009
Hello
On Monday 15 June 2009 12:39:08 Michael Powell wrote:
> subbsd wrote:
> > Hello maillist,
> >
> > Whether there is a way for booting GENERIC kernel with
> > ipfw_load="YES"
> >
> > and
> >
> > 65535 allow ip from any to any
> >
> > rules without recompile kernel with options IPFIREWALL_DEFAULT_TO_ACCEPT
> > ?
> >
> > This is single options who force me customize my own kernel with freebsd-
> > update.
>
> In your /etc/rc.conf:
>
> firewall_enable="YES" # Set to YES to enable firewall functionality
>
> In addition to the above to activate include this below:
>
> firewall_type="open"
>
Thanks for answer. but its a little bit other than i needed. I've try for safe
"ipfw flush" in remote machine, when FW no have any user rules .
OPEN firewall type is not get 65535 rules for pass all traffic by default
> IIRC that should do what you need. There is a list of the types and their
> function commented in the /etc/rc.firewall script.
>
> -Mike
>
>
>
> _______________________________________________
> freebsd-questions at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to
> "freebsd-questions-unsubscribe at freebsd.org"
More information about the freebsd-questions
mailing list