From owner-freebsd-doc@FreeBSD.ORG Sun Mar 30 15:30:24 2008 Return-Path: Delivered-To: doc@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 16E7D106566B for ; Sun, 30 Mar 2008 15:30:24 +0000 (UTC) (envelope-from cyberman.wu@gmail.com) Received: from an-out-0708.google.com (an-out-0708.google.com [209.85.132.251]) by mx1.freebsd.org (Postfix) with ESMTP id C7BEC8FC2C for ; Sun, 30 Mar 2008 15:30:23 +0000 (UTC) (envelope-from cyberman.wu@gmail.com) Received: by an-out-0708.google.com with SMTP id c14so339235anc.13 for ; Sun, 30 Mar 2008 08:30:18 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=beta; h=domainkey-signature:received:received:message-id:date:from:to:subject:mime-version:content-type; bh=zSAb6SO0AO6qT0UVFMYogONEQBZpYPM/NEnKBCjQCPQ=; b=DV0aRnVmTWXovTIH8kwfhRZKvlFN4Za/qlDZJiNp862a2UfXg4t51AKkjByicbj85DVozoTNdx50OahhZC/raxxGCJ1Fa7WQkgtGz7AsJJIPNDQhtPojt1SBmC478NZlGjDODadSoQIHw9n45GbEbi4YeM72e7UfSdlOnbqlfao= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=beta; h=message-id:date:from:to:subject:mime-version:content-type; b=oTyiFz/CGXYKB7JsNyQB5NzOkoZJHmq6K+e9f+G9QUpijjJKjb7s1VrEEZoPeX7bjBENTI5Aox7WbxA3V9oiwsVyzMU7xeBcigJDPwOpu0I/QJ3npngMRpoxBkJpbnMlaWNyGDhyp6SJoYYtA3Wm1HJQZrrAHdVoO1Odvo2MrM4= Received: by 10.100.122.8 with SMTP id u8mr13007363anc.46.1206889549673; Sun, 30 Mar 2008 08:05:49 -0700 (PDT) Received: by 10.100.38.1 with HTTP; Sun, 30 Mar 2008 08:05:49 -0700 (PDT) Message-ID: Date: Sun, 30 Mar 2008 23:05:49 +0800 From: "Cyberman Wu" To: doc@FreeBSD.org MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit Content-Disposition: inline X-Content-Filtered-By: Mailman/MimeDel 2.1.5 Cc: Subject: I have some question about the description of IPFW in the handbook... X-BeenThere: freebsd-doc@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Documentation project List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 30 Mar 2008 15:30:24 -0000 In 28.6.1 it says only adding firewall_enable="YES" in rc.conf will enable IPFW, and the message will showed: ipfw2 initialized, divert disabled, rule-based forwarding disabled, default to deny, logging disabled And when I did that I got some info like that: ipfw2 (+ipv6) initialized, divert loadable, rule-based forwarding disabled, default to deny, logging disabled Only divert is different. But when I try to use ipfw I got a error, just like the same before I enable it in rc.conf: ipfw: getsockopt(IP_FW_GET): Protocol not available Before that I've tried to build a new kernel with 'options IPFIREWALL' and it seemed can work: after the new system booted all the network blocked, then I see the way said in the handbook and tried it. I'v tried to search on the FreeBSD web site but got nothing about that, and through google the other sites only say I should recompile the kernel. I'm a new user for FreeBSD, before that I've only used Fedora, and many years ago, Redhat. This time our web server running Win2003 got some problem and I'm trying to shift it to FreeBSD. Is there any good articles describing how to builder a reliable and efficient web server?