From owner-freebsd-questions@freebsd.org  Tue Jun 18 12:15:04 2019
Return-Path: <owner-freebsd-questions@freebsd.org>
Delivered-To: freebsd-questions@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id 1284C15B90BD
 for <freebsd-questions@mailman.ysv.freebsd.org>;
 Tue, 18 Jun 2019 12:15:04 +0000 (UTC)
 (envelope-from roberthuff@rcn.com)
Received: from smtp.rcn.com (smtp.rcn.com [69.168.97.78])
 (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
 (Client did not present a certificate)
 by mx1.freebsd.org (Postfix) with ESMTPS id 4C5DA7173C
 for <freebsd-questions@freebsd.org>; Tue, 18 Jun 2019 12:15:03 +0000 (UTC)
 (envelope-from roberthuff@rcn.com)
DKIM-Signature: v=1; a=rsa-sha1; d=rcn.com; s=20180516; c=relaxed/simple;
 q=dns/txt; i=@rcn.com; t=1560858895;
 h=From:Subject:Date:To:MIME-Version:Content-Type;
 bh=ZKok/liNMHM0a+6OGB0/BG152bE=;
 b=hR/7TIk/HZqVXyrIQT1juMtecoJUP0PDal7WO1/61Uq9X/VJ0a1GSViiZpGDVohK
 POvrSHnISIsMyY2rTn8VE6nRCzwW95pEFtzA5Fg5HmwLDLZymlBhkibxwVgsMgXc
 W9yOp3Y1/9PhILjmClQ76TYis91hPfGWiszsM74U6mWf2bsUhFnk+8pApTFATkwa
 0YjKh3DqFHEPfxN4ewQ/8ouAdeF9blFL1V/qiz6xRBdAL7N14TIyAF+ZIOSD9rJa
 1Xf/JA8EB9oIUoIzQMacwrMzhaKTNu+JssUexluO9w6CDu5Q8DCllm5eTsY1qESg
 c8i3HZFDXscl/eaNEm+jCQ==;
X_CMAE_Category: , ,
X-CNFS-Analysis: v=2.2 cv=aKGykv1m c=1 sm=1 tr=0
 a=9TgA2UwI6Wy+6BV4wQM/cQ==:117 a=9TgA2UwI6Wy+6BV4wQM/cQ==:17
 a=jpOVt7BSZ2e4Z31A5e1TngXxSK0=:19 a=KGjhK52YXX0A:10 a=kj9zAlcOel0A:10
 a=XRQyMpdBKAEA:10 a=dq6fvYVFJ5YA:10 a=48faUk6PgeAA:10
 a=MtpRBOugqLg-rJsvyLMA:9 a=CjuIK1q_8ugA:10
X-CM-Score: 0
X-Scanned-by: Cloudmark Authority Engine
X-Authed-Username: cm9iZXJ0aHVmZkByY24uY29t
Authentication-Results: smtp03.rcn.cmh.synacor.com
 header.from=roberthuff@rcn.com; sender-id=softfail
Authentication-Results: smtp03.rcn.cmh.synacor.com smtp.user=roberthuff;
 auth=pass (PLAIN)
Received: from [209.6.230.48] ([209.6.230.48:43215]
 helo=jerusalem.litteratus.org.litteratus.org)
 by smtp.rcn.com (envelope-from <roberthuff@rcn.com>)
 (ecelerity 3.6.25.56547 r(Core:3.6.25.0)) with ESMTPSA
 (cipher=AES256-GCM-SHA384) 
 id CD/21-13517-F01D80D5; Tue, 18 Jun 2019 07:54:55 -0400
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Message-ID: <23816.53518.998090.665606@jerusalem.litteratus.org>
Date: Tue, 18 Jun 2019 07:54:54 -0400
From: Robert Huff <roberthuff@rcn.com>
To: "Ronald F. Guilmette" <rfg@tristatelogic.com>
Cc: freebsd-net@freebsd.org,
    freebsd-questions@freebsd.org
Subject: Re: Eliminating IPv6 (?)
In-Reply-To: <19574.1560847186@segfault.tristatelogic.com>
References: <9AF5DF39-9B81-4270-B25C-D089C971E924@punkt.de>
 <19574.1560847186@segfault.tristatelogic.com>
X-Mailer: VM 8.2.0b under 26.2 (amd64-portbld-freebsd13.0)
X-Rspamd-Queue-Id: 4C5DA7173C
X-Spamd-Bar: -------
Authentication-Results: mx1.freebsd.org;
 dkim=pass header.d=rcn.com header.s=20180516 header.b=hR/7TIk/;
 dmarc=pass (policy=none) header.from=rcn.com;
 spf=pass (mx1.freebsd.org: domain of roberthuff@rcn.com designates
 69.168.97.78 as permitted sender) smtp.mailfrom=roberthuff@rcn.com
X-Spamd-Result: default: False [-7.82 / 15.00]; ARC_NA(0.00)[];
 RCVD_VIA_SMTP_AUTH(0.00)[];
 R_DKIM_ALLOW(-0.20)[rcn.com:s=20180516]; RCVD_TLS_ALL(0.00)[];
 FROM_HAS_DN(0.00)[]; RCPT_COUNT_THREE(0.00)[3];
 R_SPF_ALLOW(-0.20)[+ip4:69.168.97.0/24];
 NEURAL_HAM_LONG(-1.00)[-1.000,0]; MIME_GOOD(-0.10)[text/plain];
 IP_SCORE(-2.74)[ip: (-9.23), ipnet: 69.168.97.0/24(-4.55), asn: 36271(0.14),
 country: US(-0.06)]; NEURAL_HAM_MEDIUM(-1.00)[-1.000,0];
 TO_DN_SOME(0.00)[];
 DWL_DNSWL_LOW(-1.00)[rcn.com.dwl.dnswl.org : 127.0.5.1];
 TO_MATCH_ENVRCPT_SOME(0.00)[]; DKIM_TRACE(0.00)[rcn.com:+];
 DMARC_POLICY_ALLOW(-0.50)[rcn.com,none];
 MX_GOOD(-0.01)[mx.rcn.com]; NEURAL_HAM_SHORT(-0.98)[-0.975,0];
 RCVD_IN_DNSWL_LOW(-0.10)[78.97.168.69.list.dnswl.org : 127.0.5.1];
 FROM_EQ_ENVFROM(0.00)[]; MIME_TRACE(0.00)[0:+];
 ASN(0.00)[asn:36271, ipnet:69.168.97.0/24, country:US];
 RCVD_COUNT_TWO(0.00)[2]; SUBJECT_HAS_QUESTION(0.00)[]
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/freebsd-questions>, 
 <mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions/>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
 <mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 18 Jun 2019 12:15:04 -0000


Ronald F. Guilmette writes:

>  >Instead of messing with the system provided file you could
>  >create a new one with only your own desired rules and then set
>  >this rc.conf variable:
>  >
>  >	firewall_script="/etc/rc.firewall"
>  
>  Actually, no, that's not how one is supposed to enable one's own set
>  of ipfw ules.  To do that, the Handbook (Sec. 30.4.1) says very clearly
>  that one should do:
>  
>      firewall_enable="YES"
>      firewall_type="path-to-my-rules-file"
>  
>  But I'm glad you brought it up.  The funny thing is that even that
>  doesn't work properly nowadays *or* like it used to in the past.

	If this is true - haven't checked personally - then it's a bug.
(And a non-trivial one, the fact you're the first to report it
notwithstanding.)
	Can you please open a bug report?


			Respectfully,


				Robert Huff