From owner-freebsd-questions@FreeBSD.ORG  Fri Nov  2 14:38:12 2007
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 60F9216A41A
	for <freebsd-questions@freebsd.org>;
	Fri,  2 Nov 2007 14:38:12 +0000 (UTC)
	(envelope-from ecrist@secure-computing.net)
Received: from snipe.secure-computing.net (snipe.secure-computing.net
	[209.240.66.149])
	by mx1.freebsd.org (Postfix) with ESMTP id 3065A13C4D9
	for <freebsd-questions@freebsd.org>;
	Fri,  2 Nov 2007 14:38:11 +0000 (UTC)
	(envelope-from ecrist@secure-computing.net)
Received: from swordfish.local.claimlynx.com (unknown [74.95.66.25])
	(using TLSv1 with cipher AES128-SHA (128/128 bits))
	(No client certificate requested)
	(Authenticated sender: ecrist@secure-computing.net)
	by snipe.secure-computing.net (Postfix) with ESMTP id C689617053
	for <freebsd-questions@freebsd.org>;
	Fri,  2 Nov 2007 09:30:31 -0500 (CDT)
Message-Id: <34F952F8-AEB5-4C13-9E3B-09105AA31B38@secure-computing.net>
From: Eric F Crist <ecrist@secure-computing.net>
To: User Questions <freebsd-questions@freebsd.org>
Content-Type: text/plain; charset=US-ASCII; format=flowed; delsp=yes
Content-Transfer-Encoding: 7bit
Mime-Version: 1.0 (Apple Message framework v912)
Date: Fri, 2 Nov 2007 09:30:29 -0500
X-Mailer: Apple Mail (2.912)
Subject: IPFW2 woes...
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 02 Nov 2007 14:38:12 -0000

Hey all,

I've written a short IPFW ruleset, with only some count rules and one  
allow all ip rule.  I've got the following entries in my /etc/rc.conf  
file:

# IPFW Settings
# Only used for traffic accounting!
firewall_enable="YES"
firewall_script="/etc/ipfw.sh"

Every time this system boots, it asks if I'm sure if I want the divert  
daemon enabled?  The answer, really, is NO.  pf is doing all that for  
me, I'm just using IPFW for packet accounting.  The message changes  
slightly if I add natd_enable="NO" to the file.

Why is it asking me this, and what do I need to do to make it go away!?

Thanks!
-----
Eric F Crist
Secure Computing Networks