Date: Wed, 19 Jun 2019 09:14:19 +0200 From: Andreas Nilsson <andrnils@gmail.com> To: "Ronald F. Guilmette" <rfg@tristatelogic.com> Cc: FreeBSD Net <freebsd-net@freebsd.org>, Mailinglists FreeBSD <freebsd-questions@freebsd.org> Subject: Re: Eliminating IPv6 (?) Message-ID: <CAPS9%2BSt4P6bfnS4L5ZpLHZA4K8qjzkLpZFPNwTeumKOyEp1tGw@mail.gmail.com> In-Reply-To: <24393.1560893271@segfault.tristatelogic.com> References: <CAPS9%2BSvvHLC-MBWpHXBf6utscLyrtPvdtbiekk2OA1y4asH0=w@mail.gmail.com> <24393.1560893271@segfault.tristatelogic.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, Jun 18, 2019, 23:28 Ronald F. Guilmette <rfg@tristatelogic.com> wrote: > In message <CAPS9+SvvHLC-MBWpHXBf6utscLyrtPvdtbiekk2OA1y4asH0= > w@mail.gmail.com> > Andreas Nilsson <andrnils@gmail.com> wrote: > > >But why are you even running rc.firewall if it does not do what you want? > > You are asking me the very question that *I* have been asking myself > since my "upgrade" to 12.0. > > Why is /etc/rc.firewall even being executed? I never explicitly asked for > that, but that seems to just be a by-product of how things are arranged > these days.... a by-product that I have no direct control over. > > >Just set firewall_script="/path/to/script" and your good to go, no ipv6 > >anywhere to be found. > > That is *not* what the Handbook says. Please read it. > > > https://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/firewalls-ipfw.html > > Ok, so the handbook is wrong. It's a bug in the documentation. > The way that I am reading section 30.4.1 is that it is telling the user to > put BOTH of these things into /etc/rc.conf: > > firewall_enable="YES" > firewall_type="path-to-my-rules-file" > > And indeed, that is -exactly- what I have done on my prior FreeBSD > systems... > enable *and* configure. > > One or the other of those /etc/rc.conf lines nowadays apparently triggers > /etc/rc.firewall to run. I never explicitly asked for that to run, but > it did anyway. I am just going with the flow. > As soon as set firewall_script instead of firewall_type your problems will be solved. Just try it. The man page for rc.conf will tell you the same thing. > > > Regards, > rfg > _______________________________________________ > freebsd-net@freebsd.org mailing list > https://lists.freebsd.org/mailman/listinfo/freebsd-net > To unsubscribe, send any mail to "freebsd-net-unsubscribe@freebsd.org" >
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAPS9%2BSt4P6bfnS4L5ZpLHZA4K8qjzkLpZFPNwTeumKOyEp1tGw>