Date: Tue, 21 Oct 2003 12:38:59 -0700 From: Luigi Rizzo <rizzo@icir.org> To: Mikel King <mikel.king@ocsny.com> Cc: atanu@ICSI.Berkeley.EDU Subject: Re: Remote Boot Message-ID: <20031021123859.A50248@xorpc.icir.org> In-Reply-To: <3F9583F4.9020306@ocsny.com>; from mikel.king@ocsny.com on Tue, Oct 21, 2003 at 03:07:32PM -0400 References: <23439.1066760713@tigger.icir.org> <3F9583F4.9020306@ocsny.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, Oct 21, 2003 at 03:07:32PM -0400, Mikel King wrote: > Just curious would it be better to add a rule to allowe 67 & 68 (tcp & > udp) in from the dhcp server instead of leaving the box all open? > Understand I've never attempted this booting a diskless, but it seems > like something worth trying.... all this happens before you have a chance to install an ipfw configuration so what you suggest cannot be done unless you hardwire the rules in the kernel (which you can't, at the moment; not that it couldn't be done, ipfw2 is quite flexible in this respect, but the feature is not implemented now). cheers luigi > Atanu Ghosh wrote: > > >>From my notes when trying to get diskless booting working: > > > > We usually have the firewall and dummynet enabled in our configs. The > > default is therefore not to allow any packets in or out. This stops > > the DHCP packets leaving a diskless kernel. Override this default. > > > >options IPFIREWALL_DEFAULT_TO_ACCEPT > > > > Atanu.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20031021123859.A50248>