Date: Sun, 2 Mar 2003 21:20:45 -0500 From: Barney Wolff <barney@pit.databus.com> To: Eric Brunner-Williams in Portland Maine <brunner@nic-naa.net> Cc: freebsd-net@FreeBSD.ORG Subject: Re: IPFIREWALL, /dev/ipl and friends Message-ID: <20030303022045.GA73672@pit.databus.com> In-Reply-To: <200303022131.h22LVgtY076746@nic-naa.net> References: <200303022131.h22LVgtY076746@nic-naa.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sun, Mar 02, 2003 at 04:31:42PM -0500, Eric Brunner-Williams in Portland Maine wrote:
> What is the mechanism in 5.0 for creating /dev/{ipauth,ipl,ipstate}?
>
> < # Firewall
> < options IPFIREWALL #firewall
> < options IPFIREWALL_VERBOSE #enable logging to syslogd(8)
> < options IPFIREWALL_FORWARD #enable transparent proxy support
> < options IPFIREWALL_VERBOSE_LIMIT=100 #limit verbosity
> < options IPFIREWALL_DEFAULT_TO_ACCEPT #use ipf to close, not open
> <
> < # Do not decrement the ttl, hide firewall from traceroute class tools
> < options IPSTEALTH #support for stealth forwarding
> <
> 1,82c69,70
> < options SMP # Symmetric MultiProcessor Kernel
> < options APIC_IO # Symmetric (APIC) I/O
IPFIREWALL and friends are for ipfw, not ipfilter (except IPSTEALTH).
5.0 uses devfs and creates pseudo-devices as needed.
--
Barney Wolff http://www.databus.com/bwresume.pdf
I'm available by contract or FT, in the NYC metro area or via the 'Net.
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-net" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20030303022045.GA73672>