Date: Thu, 6 Jan 2000 11:07:14 -0800 (PST) From: Doug Ambrisko <ambrisko@whistle.com> To: David Gilbert <dgilbert@velocet.ca> Cc: freebsd-current@FreeBSD.ORG Subject: Re: BOOTP and IPFIREWALL Message-ID: <200001061907.LAA38192@whistle.com> In-Reply-To: <14452.40864.973241.492117@trooper.velocet.net> from David Gilbert at "Jan 6, 2000 08:58:56 am"
next in thread | previous in thread | raw e-mail | index | archive | help
David Gilbert writes: | options BOOTP and options IPFIREWALL appear to be incompatible in | -CURRENT. I havn't tried -STABLE. While the kernel compiles fine, | the BOOTP code fails to send the discover packet and panic()'s. | | While it might not be immediately obvious that you'd want IPFIREWALL | in a BOOTP-loaded machine, there are good reasons for it... They are not really incompatible just your use is :-) Add options IPFIREWALL_DEFAULT_TO_ACCEPT #allow everything by default to your kernel. IPFW stuff is blocking any network traffic. So add this to your kernel and you firewall will default to open so BOOT etc will work (including nfs mounting of root & swap), then during the boot use the rc.firewall stuff to setup the firewall correct and then remove the default open rule. This is what I've done when playing with natd on a netbooted machine. (natd require ipfw & divert). If this fails it's news to me. Doug A. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200001061907.LAA38192>