Date:      Tue, 18 Jun 2019 14:27:51 -0700
From:      "Ronald F. Guilmette" <rfg@tristatelogic.com>
Cc:        FreeBSD Net <freebsd-net@freebsd.org>, Mailinglists FreeBSD <freebsd-questions@freebsd.org>
Subject:   Re: Eliminating IPv6 (?)
Message-ID:  <24393.1560893271@segfault.tristatelogic.com>
In-Reply-To: <CAPS9%2BSvvHLC-MBWpHXBf6utscLyrtPvdtbiekk2OA1y4asH0=w@mail.gmail.com>

In message <CAPS9+SvvHLC-MBWpHXBf6utscLyrtPvdtbiekk2OA1y4asH0=w@mail.gmail.com>
Andreas Nilsson <andrnils@gmail.com> wrote:

>But why are you even running rc.firewall if it does not do what you want?

You are asking me the very question that *I* have been asking myself
since my "upgrade" to 12.0.

Why is /etc/rc.firewall even being executed?  I never explicitly asked for
that, but that seems to just be a by-product of how things are arranged
these days.... a by-product that I have no direct control over.

>Just set firewall_script="/path/to/script" and you're good to go, no ipv6
>anywhere to be found.

That is *not* what the Handbook says.  Please read it.

  https://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/firewalls-ipfw.html

The way that I am reading section 30.4.1 is that it is telling the user to
put BOTH of these things into /etc/rc.conf:

      firewall_enable="YES"
      firewall_type="path-to-my-rules-file"

And indeed, that is -exactly- what I have done on my prior FreeBSD systems...
enable *and* configure.

One or the other of those /etc/rc.conf lines nowadays apparently triggers
/etc/rc.firewall to run.  I never explicitly asked for that to run, but
it did anyway.  I am just going with the flow.


Regards,
rfg



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?24393.1560893271>