ipfirewall(4)) cannot be changed

Santos sansan at cas.port995.com
Sat May 24 23:57:17 PDT 2003


root at vigilante /root cuaa1# man init |tail -n 130 |head -n 5

3   Network secure mode - same as highly secure mode, plus IP packet
     filter rules (see ipfw(8) and ipfirewall(4)) cannot be changed and
     dummynet(4) configuration cannot be adjusted.

root at vigilante /root cuaa1# sysctl -a |grep secure
kern.securelevel: 3

root at vigilante /root cuaa1# ipfw show
00100          0          0 allow ip from any to any via lo0
00200          0          0 deny ip from any to 127.0.0.0/8
00300          0          0 deny ip from 127.0.0.0/8 to any
65535         44       3648 deny ip from any to any

root at vigilante /root cuaa1# ping  216.136.204.21
PING 216.136.204.21 (216.136.204.21): 56 data bytes
ping: sendto: Permission denied
ping: sendto: Permission denied
^C
--- 216.136.204.21 ping statistics ---
2 packets transmitted, 0 packets received, 100% packet loss

root at vigilante /root cuaa1# telnet  216.136.204.21 80
Trying 216.136.204.21...
telnet: connect to address 216.136.204.21: Permission denied
telnet: Unable to connect to remote host

root at vigilante /root cuaa1# sysctl net.inet.ip.fw.enable=0
net.inet.ip.fw.enable: 1 -> 0

root at vigilante /root cuaa1# ping  216.136.204.21

PING 216.136.204.21 (216.136.204.21): 56 data bytes
64 bytes from 216.136.204.21: icmp_seq=0 ttl=50 time=338.878 ms
64 bytes from 216.136.204.21: icmp_seq=1 ttl=50 time=346.135 ms
^C
--- 216.136.204.21 ping statistics ---
2 packets transmitted, 2 packets received, 0% packet loss
round-trip min/avg/max/stddev = 338.878/342.506/346.135/3.629 ms

root at vigilante /root cuaa1# telnet  216.136.204.21 80
Trying 216.136.204.21...
Connected to freefall.freebsd.org.
Escape character is '^]'.
quit
<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<HTML><HEAD>
<TITLE>501 Method Not Implemented</TITLE>
</HEAD><BODY>
<H1>Method Not Implemented</H1>
quit to /index.html not supported.<P>
Invalid method in request quit / HTTP/1.1<P>
</BODY></HTML>
Connection closed by foreign host.



Santos






