From owner-freebsd-ipfw@FreeBSD.ORG Tue Apr 3 03:17:27 2007 Return-Path: X-Original-To: ipfw@freebsd.org Delivered-To: freebsd-ipfw@FreeBSD.ORG Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id C30F316A402 for ; Tue, 3 Apr 2007 03:17:27 +0000 (UTC) (envelope-from sean@mcneil.com) Received: from mail.mcneil.com (mcneil.com [24.199.45.54]) by mx1.freebsd.org (Postfix) with ESMTP id 9966C13C45E for ; Tue, 3 Apr 2007 03:17:27 +0000 (UTC) (envelope-from sean@mcneil.com) Received: from localhost (localhost.mcneil.com [127.0.0.1]) by mail.mcneil.com (Postfix) with ESMTP id C62DFF2324; Mon, 2 Apr 2007 20:17:26 -0700 (PDT) X-Virus-Scanned: amavisd-new at mcneil.com Received: from mail.mcneil.com ([127.0.0.1]) by localhost (mcneil.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id GYtr8A6Tu12y; Mon, 2 Apr 2007 20:17:26 -0700 (PDT) Received: from ferrari (ferrari.mcneil.com [10.1.0.50]) (using TLSv1 with cipher RC4-MD5 (128/128 bits)) (No client certificate requested) by mail.mcneil.com (Postfix) with ESMTP id 5AF09F1A5C; Mon, 2 Apr 2007 20:17:26 -0700 (PDT) Message-ID: <001201c7759e$985f1840$3200010a@ferrari> From: "Sean McNeil" To: "ProtectNet" References: <001601c7755d$79cf1010$07e90b93@ferrari> <8207a8df0704021959x18ddcd6fud43a1422da78d4f3@mail.gmail.com> Date: Mon, 2 Apr 2007 20:17:21 -0700 MIME-Version: 1.0 Content-Type: text/plain; format=flowed; charset="iso-8859-1"; reply-type=response Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2900.3028 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.3028 Cc: ipfw@freebsd.org Subject: Re: bad test in /etc/rc.d/ip6fw X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 03 Apr 2007 03:17:27 -0000 Hi Henrique, > For Firewall in IPV6 enable in kernel > > options IPV6FIREWALL # Enable ipfirewall(4) for ipv6 > options IPV6FIREWALL_VERBOSE # Enable log's in syslogd(4) > options IPV6FIREWALL_VERBOSE_LIMIT=100 # Set limite in syslogd in 100 > registers > options IPV6FIREWALL_DEFAULT_TO_ACCEPT # Enable default Open Firewall > > And sorry my poor english :p No problem. You miss my point, however. I have none of these in my kernel config yet I have net.inet6.ip6.fw.enable defined. This prevents the /etc/rc.d/ip6fw script from kldload'ing the appropriate module. So either the code that creates the kernel parameter or the script needs to be changed so that they work in tandem. > Henrique Mattos > > 2007/4/2, Sean McNeil : >> I just noticed that ip6fw isn't loading the ip6fw kernel module because >> my kernel somehow already has the sysctl value in it. This is >> FreeBSD -STABLE and I have the following in my kernel: >> >> options INET # InterNETworking >> options INET6 # IPv6 communications protocols >> >> options IPFIREWALL >> options IPFIREWALL_FORWARD >> options IPDIVERT >> options DUMMYNET >> >> net.inet6.ip6.fw.enable managed to get in the kernel. >> >> Cheers, >> Sean >> _______________________________________________ >> freebsd-ipfw@freebsd.org mailing list >> http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw >> To unsubscribe, send any mail to "freebsd-ipfw-unsubscribe@freebsd.org" >> > >