Date: Fri, 27 Feb 2004 15:43:16 -0500 From: "Shaun T. Erickson" <ste@ste-land.com> To: Warren Block <wblock@wonkity.com> Cc: freebsd-questions@freebsd.org Subject: Re: Firewall enabling confusion. Message-ID: <403FABE4.6050608@ste-land.com> In-Reply-To: <20040227132231.P2868@wonkity.com> References: <20040227194414.835572B4DA7@mail.evilcoder.org> <403F9F4B.6080608@ste-land.com> <20040227132231.P2868@wonkity.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Warren Block wrote: > On Fri, 27 Feb 2004, Shaun T. Erickson wrote: > > >>Thanks! Yes, the ipfw.ko module is getting loaded. So now I just need to >>know how to enable things like divert and logging. > > > /etc/rc.firewall has examples. I looked at that. That's not what I mean. :) I mean, if I do not have to build a new kernel to enable firewalling, logging and divert, then how do I enable them, such that the following line from my messages file would show that they have been enabled? Adding firewall_enable="YES" to rc.conf caused the ipfw module to be loaded, enabling firewalling. Adding firewall_logging="YES" did *not* enable logging in the message file line shown below. How do I do that? How would I get that line to show divert as being enabled? I may be wrong (correct me if I am, please), but doesn't that line have to show them as enabled, before I can successfully make use of them in ipfw commands like those you pointed me to in rc.firewall? What if I want that line to report that the default is open, instead of deny? Feb 27 14:37:22 peter kernel: ipfw2 initialized, divert disabled, rule-based forwarding enabled, default to deny, logging disabled -ste
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?403FABE4.6050608>