Re: net.inet{,6}.fw.enable in /etc/rc

2014-10-13 Thread Ian Smith
On Sun, 12 Oct 2014 05:02:11 +0900, Hiroki Sato wrote: Ian Smith smi...@nimnet.asn.au wrote in 20141003025830.d48...@sola.nimnet.asn.au: sm which rules will be flushed when /etc/rc.d/ipfw runs, but should enable sm DHCP to work? I'm not sure whether those rules are exactly correct or

Re: net.inet{,6}.fw.enable in /etc/rc

2014-10-13 Thread Hiroki Sato
Ian Smith smi...@nimnet.asn.au wrote in 20141013202423.j56...@sola.nimnet.asn.au: sm Anyway, looking at rcorder /etc/rc.d/* there are quite a few possible sm interdependencies to explore before considering moving ipfw, including sm its relationship to pf - some people do use both - and perhaps

Re: net.inet{,6}.fw.enable in /etc/rc

2014-10-11 Thread Hiroki Sato
Ian Smith smi...@nimnet.asn.au wrote in 20141003025830.d48...@sola.nimnet.asn.au: sm which rules will be flushed when /etc/rc.d/ipfw runs, but should enable sm DHCP to work? I'm not sure whether those rules are exactly correct or sm sufficient for DHCP, but principle is to anly allow what's

Re: net.inet{,6}.fw.enable in /etc/rc

2014-10-02 Thread Hiroki Sato
Julian Elischer jul...@freebsd.org wrote in 542155fb.9020...@freebsd.org: ju On 9/23/14, 2:01 AM, Andrey V. Elsukov wrote: ju On 21.09.2014 09:58, Hiroki Sato wrote: ju Hi, ju juI would like your comments about the attached patch to /etc/rc. ju juThe problem I want to fix by this

Re: net.inet{,6}.fw.enable in /etc/rc

2014-10-02 Thread Ian Smith
On Thu, 2 Oct 2014 16:39:13 +0900, Hiroki Sato wrote: Julian Elischer jul...@freebsd.org wrote in 542155fb.9020...@freebsd.org: ju On 9/23/14, 2:01 AM, Andrey V. Elsukov wrote: ju On 21.09.2014 09:58, Hiroki Sato wrote: ju Hi, ju juI would like your comments about the

Re: net.inet{,6}.fw.enable in /etc/rc

2014-09-23 Thread Julian Elischer
On 9/23/14, 2:01 AM, Andrey V. Elsukov wrote: On 21.09.2014 09:58, Hiroki Sato wrote: Hi, I would like your comments about the attached patch to /etc/rc. The problem I want to fix by this patch is as follows. net.inet{,6}.fw.enable are set to 1 by default at boot time if IPFW kernel

Re: net.inet{,6}.fw.enable in /etc/rc

2014-09-22 Thread Andrey V. Elsukov
On 21.09.2014 09:58, Hiroki Sato wrote: Hi, I would like your comments about the attached patch to /etc/rc. The problem I want to fix by this patch is as follows. net.inet{,6}.fw.enable are set to 1 by default at boot time if IPFW kernel module is loaded or statically compiled into a

net.inet{,6}.fw.enable in /etc/rc

2014-09-21 Thread Hiroki Sato
Hi, I would like your comments about the attached patch to /etc/rc. The problem I want to fix by this patch is as follows. net.inet{,6}.fw.enable are set to 1 by default at boot time if IPFW kernel module is loaded or statically compiled into a kernel. And by default IPFW has only a deny

Re: net.inet{,6}.fw.enable in /etc/rc

2014-09-21 Thread Ian Smith
On Sun, 21 Sep 2014 14:58:12 +0900, Hiroki Sato wrote: Hi, I would like your comments about the attached patch to /etc/rc. The problem I want to fix by this patch is as follows. net.inet{,6}.fw.enable are set to 1 by default at boot time if IPFW kernel module is loaded or