From owner-freebsd-stable@FreeBSD.ORG Fri Mar 16 22:08:10 2007 Return-Path: X-Original-To: freebsd-stable@freebsd.org Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id E5F9516A418 for ; Fri, 16 Mar 2007 22:08:10 +0000 (UTC) (envelope-from SRS1=f8cad4aa50f83163e7d62569af01371e1445e6b2=es.net==f8cad4aa50f83163e7d62569af01371e1445e6b2=276=es.net=oberman@es.net) Received: from postal1.es.net (postal1.es.net [198.128.3.205]) by mx1.freebsd.org (Postfix) with ESMTP id 4DC9713C465 for ; Fri, 16 Mar 2007 22:08:05 +0000 (UTC) (envelope-from SRS1=f8cad4aa50f83163e7d62569af01371e1445e6b2=es.net==f8cad4aa50f83163e7d62569af01371e1445e6b2=276=es.net=oberman@es.net) Received: from postal4.es.net (postal4.es.net [198.124.252.66]) by postal1.es.net (Postal Node 1) with ESMTP (SSL) id VYU77500 for ; Fri, 16 Mar 2007 14:56:00 -0700 Received: from ptavv.es.net (ptavv.es.net [198.128.4.29]) by postal4.es.net (Postal Node 4) with ESMTP (SSL) id VYT43559; Fri, 16 Mar 2007 14:55:59 -0700 Received: from ptavv.es.net (ptavv.es.net [127.0.0.1]) by ptavv.es.net (Tachyon Server) with ESMTP id 6D33F45047; Fri, 16 Mar 2007 14:55:58 -0700 (PDT) To: Pertti Kosunen In-Reply-To: Your message of "Fri, 16 Mar 2007 15:40:44 +0200." <45FA9E5C.1060404@pp.nic.fi> Mime-Version: 1.0 Content-Type: multipart/signed; boundary="==_Exmh_1174082158_3434P"; micalg=pgp-sha1; protocol="application/pgp-signature" Content-Transfer-Encoding: 7bit Date: Fri, 16 Mar 2007 14:55:58 -0700 From: "Kevin Oberman" Message-Id: <20070316215558.6D33F45047@ptavv.es.net> Cc: freebsd-stable@freebsd.org Subject: Re: rc.order wrong (ipfw) X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 16 Mar 2007 22:08:11 -0000 --==_Exmh_1174082158_3434P Content-Type: text/plain; charset=us-ascii Content-Disposition: inline > Date: Fri, 16 Mar 2007 15:40:44 +0200 > From: Pertti Kosunen > Sender: owner-freebsd-stable@freebsd.org > > JoaoBR wrote: > > I don't agree to what you say > > what sense does it make to have my forward rules up but natd still not? > > what sense does it makes logging while syslog is not up? > > What would it forward & log when network isn't up? Hmm. Let's see. Maybe the stuff that happens between the start of the network and the start of ipfw? Remember that, by default, until ipfw starts, there is a default 65535 deny ip from any to any in the firewall, thus blocking everything until ipfw starts. You should either not build ipfw into the kernel or build with the IPFIREWALL_DEFAULT_TO_ACCEPT option if you want something to be able to pass through the network before ipfw starts. (Hint, if you run IPv6, you probably do.) -- R. Kevin Oberman, Network Engineer Energy Sciences Network (ESnet) Ernest O. Lawrence Berkeley National Laboratory (Berkeley Lab) E-mail: oberman@es.net Phone: +1 510 486-8634 Key fingerprint:059B 2DDF 031C 9BA3 14A4 EADA 927D EBB3 987B 3751 --==_Exmh_1174082158_3434P Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (FreeBSD) Comment: Exmh version 2.5 06/03/2002 iD8DBQFF+xJukn3rs5h7N1ERAs0kAKCDOp5k8TeRgwW5zaJY7BC/jJs9rgCggfks 5ggV+BKlr1qKcQ8uTPF3zPE= =mSAL -----END PGP SIGNATURE----- --==_Exmh_1174082158_3434P--