Change IPFW default to allow

Tim Daneliuk tundra at
Sun Dec 9 18:37:47 UTC 2018

On 12/9/18 12:29 PM, Michael Sierchio wrote:
> Default to accept merely means that the default rule - rule 65535 - permits
> all traffic.

Also a good point.

The risk is directly proportional to how many open ports exist on the machine
in the first place.  For many years I ran a NATDing boundary machine
with NO firewall.  The very few things that were actually up and listening
were all managed via hosts.allow entries and THAT defaulted do Do Not Allow.
In over a decade of running this way, that machine was never even slightly

Tim Daneliuk     tundra at
PGP Key:

More information about the freebsd-questions mailing list