Change IPFW default to allow

Michael Sierchio kudzu at
Sun Dec 9 18:30:03 UTC 2018

On Sun, Dec 9, 2018 at 10:17 AM JD <jd1008 at> wrote:

> What a horrible (terribly insecure) suggestion for default operation of

Default to accept merely means that the default rule - rule 65535 - permits
all traffic. It is useful when booting and getting all other services
operational. Loading a firewall ruleset changes that entirely.  Imagine a
situation in which your cloud instance tries to get a DHCP address and
routing information, only to fail because no packets can go in or out.

You haven't done this before, have you?

"Well," Brahma said, "even after ten thousand explanations, a fool is no
wiser, but an intelligent person requires only two thousand five hundred."

- The Mahābhārata

More information about the freebsd-questions mailing list