Date:      Thu, 25 May 2006 15:23:25 +0300
From:      Igor Popov <igorpopov@newmail.ru>
To:        freebsd-ipfw@freebsd.org
Subject:   securelevel and ipfw
Message-ID:  <200605251523.26335.igorpopov@newmail.ru>

	Hi, all!
I use FreeBSD 4.11-RELEASE-p16 with ipfw2; the machine is now running in
securelevel mode:
# sysctl kern.securelevel
kern.securelevel: 1

and I can't reload the ipfw rules from a remote machine as I usually do:
ipfw disable firewall
/etc/firewall.sh
ipfw enable firewall
As you can guess, the first rule in firewall.sh is ipfw -f flush.

But now I can't, because:
# sysctl -w net.inet.ip.fw.enable=0
net.inet.ip.fw.enable: 1
sysctl: net.inet.ip.fw.enable: Operation not permitted

But when I do /etc/rc.d/ipfw restart on FreeBSD 6.0 or 6.1, which is at the
same securelevel (1), it works.

-- 
All I kin say is when you finds yo'self wanderin' in a peach orchard,
ya don't go lookin' for rutabagas.
		-- Kingfish


