kldload ipfw, with IPFIREWALL_DEFAULT_TO_ACCEPT

2013-07-29 Thread Karl Pielorz
Hi, I've got a number of 9.1 boxes, where we need to enable ipfw (by kldload'ing it). I'm sure I saw a while ago a sysctl that would change the default ipfw config from 'deny all' to 'allow all' - even for a kldload? But I can't find it now. The boxes have a number of CARP interfaces on

Re: kldload ipfw, with IPFIREWALL_DEFAULT_TO_ACCEPT

2013-07-29 Thread Stefan Esser
On 29.07.2013 12:45, Karl Pielorz wrote: I've got a number of 9.1 boxes, where we need to enable ipfw (by kldload'ing it). I'm sure I saw a while ago a sysctl that would change the default ipfw config from 'deny all' to 'allow all' - even for a kldload? But I can't find it now. I guess

Re: kldload ipfw, with IPFIREWALL_DEFAULT_TO_ACCEPT

2013-07-29 Thread Karl Pielorz
--On 29 July 2013 13:02 +0200 Stefan Esser s...@freebsd.org wrote: I guess you were looking for: net.inet.ip.fw.default_to_accept=1 which is a tunable to be set in /boot/loader.conf ... Very probably - but that's at boot time :( - Is there nothing I can do at kldload time to have

Re: kldload ipfw, with IPFIREWALL_DEFAULT_TO_ACCEPT

2013-07-29 Thread Simon Dick
On 29 July 2013 12:27, Karl Pielorz kpielorz_...@tdx.co.uk wrote: --On 29 July 2013 13:02 +0200 Stefan Esser s...@freebsd.org wrote: I guess you were looking for: net.inet.ip.fw.default_to_accept=1 which is a tunable to be set in /boot/loader.conf ... Very probably - but

Re: kldload ipfw, with IPFIREWALL_DEFAULT_TO_ACCEPT

2013-07-29 Thread Karl Pielorz
--On 29 July 2013 12:30 +0100 Simon Dick sim...@irrelevant.org wrote: My normal way is to run the kldload in screen and manually run an allow all right afterwards e.g. kldload ipfw ipfw blah... :) Yeah, that would probably work - I'm more concerned what impact it would have on the CARP

Re: kldload ipfw, with IPFIREWALL_DEFAULT_TO_ACCEPT

2013-07-29 Thread Konstantin Belousov
On Mon, Jul 29, 2013 at 12:27:40PM +0100, Karl Pielorz wrote: --On 29 July 2013 13:02 +0200 Stefan Esser s...@freebsd.org wrote: I guess you were looking for: net.inet.ip.fw.default_to_accept=1 which is a tunable to be set in /boot/loader.conf ... Very probably - but that's

Re: kldload ipfw, with IPFIREWALL_DEFAULT_TO_ACCEPT

2013-07-29 Thread Karl Pielorz
--On 29 July 2013 17:04 +0300 Konstantin Belousov kostik...@gmail.com wrote: kenv net.inet.ip.fw.default_to_accept=1 should have the same effect after the usermode is booted. Kenv must be set before the module is loaded. Great - thanks! - I'll give that a go in the test environment,