Date:      Wed, 21 Feb 2007 12:31:05 -0600
From:      "Scot Hetzel" <swhetzel@gmail.com>
To:        "Kevin Oberman" <oberman@es.net>
Cc:        current@freebsd.org, Eric Anderson <anderson@freebsd.org>
Subject:   Re: Unable to use network early in boot with recent -current
Message-ID:  <790a9fff0702211031r226ba0bdsfab2eab5f4748191@mail.gmail.com>
In-Reply-To: <20070221180450.2E55D45053@ptavv.es.net>
References:  <45DC4633.6060204@freebsd.org> <20070221180450.2E55D45053@ptavv.es.net>

On 2/21/07, Kevin Oberman <oberman@es.net> wrote:
> > Firewall rules?
>
> Please ignore my prior message. I just tried and "ipfw list" shows the
> single default deny rule, "65535 deny ip from any to any". I have no
> idea why this is in effect this early in the startup process...long
> before the firewall rules are loaded. Guess I will stop loading ipfw at
> boot time and let the startup file load it.
>
That is the default ipfw deny rule when ipfw is loaded; it is used to
protect the system from intrusion by unauthorized persons, until you
have your firewall rules loaded.

You can add:

option IPFIREWALL_DEFAULT_TO_ACCEPT

to your kernel config file, which would open your system to the world
until your firewall rules restrict what other systems can access on
that server.

Scot

-- 
DISCLAIMER:
No electrons were maimed while sending this message. Only slightly bruised.
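
An added example, not part of the original message: a shell check that reads the output of "ipfw list" and reports whether the system is sitting on the bare default rule, as in the early-boot situation described in this thread, or has a ruleset loaded. The function name and the sample rule lines other than the default deny rule quoted above are constructed for illustration.

```shell
#!/bin/sh
# Classify an ipfw ruleset from the text of "ipfw list" read on stdin.
# Prints one of:
#   default-deny-only    only rule 65535 is present and it denies everything
#   default-accept-only  only rule 65535 is present and it allows everything
#                        (what a kernel built with IPFIREWALL_DEFAULT_TO_ACCEPT
#                        shows before any rules are loaded)
#   rules-loaded         at least one rule besides 65535 is present
#   unknown              no rule 65535 was seen (empty or unexpected input)
classify_ipfw_state() {
    awk '
        NF == 0             { next }                      # skip blank lines
        $1 == "65535"       { default_action = $2; next } # the built-in last rule
        $1 ~ /^[0-9]+$/     { others++ }                  # any administrator rule
        END {
            if (others > 0)                       print "rules-loaded"
            else if (default_action == "deny")    print "default-deny-only"
            else if (default_action == "allow")   print "default-accept-only"
            else                                  print "unknown"
        }'
}

# Constructed sample inputs (not captured from a real host).
SAMPLE_BOOT_DENY='65535 deny ip from any to any'
SAMPLE_BOOT_ACCEPT='65535 allow ip from any to any'
SAMPLE_LOADED='00100 allow ip from any to any via lo0
00200 deny ip from any to 127.0.0.0/8
65535 deny ip from any to any'

for sample in "$SAMPLE_BOOT_DENY" "$SAMPLE_BOOT_ACCEPT" "$SAMPLE_LOADED"; do
    printf '%s\n' "$sample" | classify_ipfw_state
done

# On a live system (as root): ipfw list | classify_ipfw_state
```

A result of default-accept-only during boot means the host is reachable with no filtering until the startup file loads the ruleset.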


