Hello, mailing list.

In my custom kernel with IPFIREWALL_DEFAULT_TO_ACCEPT, this OID
(net.inet.ip.fw.default_to_accept) is present in the system and I can control it
in loader.conf. I see the OID when sysctl(8) executes and when I look in the
kernel binary or ipfw.ko:

% strings /boot/kernel/ipfw.ko /boot/kernel/kernel | grep net.inet.ip.fw.default_to_accept

net.inet.ip.fw.default_to_accept
net.inet.ip.fw.default_to_accept

(it is present in ipfw.ko and the kernel)

But ipfw.ko from the GENERIC kernel does not produce this OID, so booting a
machine on the GENERIC kernel with FIREWALL and "65535 pass ip from any to any"
is not possible.

In /usr/src/sys/netinet/ipfw/ip_fw2.c I see:

#ifdef SYSCTL_NODE
...
SYSCTL_INT(_net_inet_ip_fw, OID_AUTO, default_to_accept, CTLFLAG_RDTUN,
    &default_to_accept, 0, "Make the default rule accept all packets.");
TUNABLE_INT("net.inet.ip.fw.default_to_accept", &default_to_accept);
#endif /* SYSCTL_NODE */


What is SYSCTL_NODE, and why is net.inet.ip.fw.default_to_accept not produced in
ipfw.ko without IPFIREWALL_DEFAULT_TO_ACCEPT?

Thanks.

_______________________________________________
freebsd-ipfw@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw
To unsubscribe, send any mail to "freebsd-ipfw-unsubscr...@freebsd.org"
