Re: firewall support?

2002-07-29 Thread Sheldon Hearn

On (2002/07/28 09:49), Szilveszter Adam wrote:

  is firewall support built into the -current kernel or does it need to be
  compiled in?
 
 It is not in GENERIC, but you can always either compile it in, or load
 it from a module by editing /boot/loader.conf.

Beware!

AFAIK, the kernel-loadable version of IPFW (ipfw.ko) defaults to deny!

Enable with care on remotely managed systems for which you do not have
serial console access.

Ciao,
Sheldon.

To Unsubscribe: send mail to [EMAIL PROTECTED]
with unsubscribe freebsd-current in the body of the message



Re: firewall support?

2002-07-29 Thread Szilveszter Adam

On Mon, Jul 29, 2002 at 02:44:50PM +0200, Sheldon Hearn wrote:
 On (2002/07/28 09:49), Szilveszter Adam wrote:
 
   is firewall support built into the -current kernel or does it need to be
   compiled in?
  
  It is not in GENERIC, but you can always either compile it in, or load
  it from a module by editing /boot/loader.conf.
 
 Beware!
 
 AFAIK, the kernel-loadable version of IPFW (ipfw.ko) defaults to deny!

Correct. But we also have ipfilter, which is also loadable... but I did
not want to be specific. If there are other questions, I will.

 Enable with care on remotely managed systems for which you do not have
 serial console access.

It's not for nothing that the first rule of firewall configuration:

Show up! (at the console). Many a surprise can be averted this
way...:-)

-- 
Regards:

Szilveszter ADAM
Szombathely Hungary

To Unsubscribe: send mail to [EMAIL PROTECTED]
with unsubscribe freebsd-current in the body of the message



firewall support?

2002-07-28 Thread karl agee

is firewall support built into the -current kernel or does it need to be
compiled in?

--karl




To Unsubscribe: send mail to [EMAIL PROTECTED]
with unsubscribe freebsd-current in the body of the message



Re: firewall support?

2002-07-28 Thread Szilveszter Adam

On Sat, Jul 27, 2002 at 11:59:01PM -0700, karl agee wrote:
 is firewall support built into the -current kernel or does it need to be
 compiled in?
 
 --karl

It is not in GENERIC, but you can always either compile it in, or load
it from a module by editing /boot/loader.conf.

-- 
Regards:

Szilveszter ADAM
Szombathely Hungary

To Unsubscribe: send mail to [EMAIL PROTECTED]
with unsubscribe freebsd-current in the body of the message