On 6/15/09, subbsd <sub...@gmail.com> wrote: > Hello > > On Monday 15 June 2009 12:37:08 membrana wrote: >> subbsd wrote: >> > Hello maillist, >> > >> > Whether there is a way for booting GENERIC kernel with >> > ipfw_load="YES" >> > >> > and >> > >> > 65535 allow ip from any to any >> > >> > rules without recompile kernel with options IPFIREWALL_DEFAULT_TO_ACCEPT >> > ? >> > >> > This is single options who force me customize my own kernel with >> > freebsd- >> > update. >> > >> > Thanks! >> >> put ipfw_load="YES" in /boot/loader.conf - keep in mind default is deny >> > ... > As i understand, no way for make permit by default when ipfw.ko is loading, > before running rc-/user-scripts (rc/rc.firewall...) ? Thanks
put "net.inet.ip.fw.default_to_accept=1" in /etc/sysctl.conf I guess that rc.d/sysctl is run before rc.d/ipfw -- Paul _______________________________________________ email@example.com mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"