loading ipfw module without default-deny

2003-03-06 Thread Josh Brooks

Hello,

I want to:

kldload ipfw.ko

but I am not near the physical machine, and cannot type in an allow rule
after loading the module - by default all traffic will be denied.

How can I load the ipfw.ko module but not knock myself off the network ?

My only thought was to put an `ipfw add` rule into a cron job to run one
minute after I load the module, but that seems silly :)


To Unsubscribe: send mail to [EMAIL PROTECTED]
with unsubscribe freebsd-questions in the body of the message


Re: loading ipfw module without default-deny

2003-03-06 Thread Mike Meyer
In [EMAIL PROTECTED], Josh Brooks [EMAIL PROTECTED] typed:
> I want to:
> kldload ipfw.ko
> but I am not near the physical machine, and cannot type in an allow rule
> after loading the module - by default all traffic will be denied.
> How can I load the ipfw.ko module but not knock myself off the network ?

How about a shell script that does the kldload and then the ipfw add
to allow all traffic from your machine? That's how I used to reload
ipfw rules remotely. Do nohup the shell script when you run it.

mike
-- 
Mike Meyer [EMAIL PROTECTED]  http://www.mired.org/consulting.html
Independent WWW/Perforce/FreeBSD/Unix consultant, email for more information.



Re: loading ipfw module without default-deny

2003-03-06 Thread Daan Vreeken [PA4DAN]
On Thursday 06 March 2003 12:19, Josh Brooks wrote:
> Hello,
>
> I want to:
>
> kldload ipfw.ko
>
> but I am not near the physical machine, and cannot type in an allow rule
> after loading the module - by default all traffic will be denied.
> How can I load the ipfw.ko module but not knock myself off the network ?

try this :

kldload ipfw.ko ; ipfw add 5 allow ip from any to any
or even better :
kldload ipfw.ko ; sh /etc/rc.firewall

> My only thought was to put an `ipfw add` rule into a cron job to run one
> minute after I load the module, but that seems silly :)

grtz,
Daan
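
Added example, not part of the thread: the script-plus-nohup approach and the `kldload ... ; ipfw add ...` one-liner from the two replies above, written as one sh file that checks each step instead of chaining with `;`. The function name, file name, log path and the `kldunload` fallback are assumptions made for this example; rule number 5 is the one used in the thread.

```sh
#!/bin/sh
# Added example, not code from the thread. Run detached on the remote host:
#   nohup sh load_ipfw.sh run > /tmp/load_ipfw.log 2>&1 &
# (file name and log path are placeholders chosen for this example)

RULE_NUM=5    # rule number used in the thread's one-liner

load_ipfw_open() {
    # Step 1: load the module. If this fails nothing has changed.
    if ! kldload ipfw.ko; then
        echo "kldload failed, firewall not loaded" >&2
        return 1
    fi

    # Step 2: the default rule now denies everything, so add the allow
    # rule immediately. If that fails, unload the module again (assumed
    # fallback, not suggested in the thread) to restore connectivity.
    if ! ipfw -q add "$RULE_NUM" allow ip from any to any; then
        echo "ipfw add failed, unloading module" >&2
        kldunload ipfw.ko
        return 2
    fi

    # Step 3: confirm the rule is present before reporting success.
    if ! ipfw list | grep -q "^0*${RULE_NUM} allow ip from any to any"; then
        echo "allow rule not found in ruleset, unloading module" >&2
        kldunload ipfw.ko
        return 3
    fi

    echo "ipfw loaded, rule $RULE_NUM allows all traffic"
    return 0
}

# Only act when called with "run", so sourcing the file has no effect.
if [ "${1:-}" = "run" ]; then
    load_ipfw_open
    exit $?
fi
```

Rule 5 leaves the host unfiltered, so it is only a bridge until the intended ruleset (for example the `/etc/rc.firewall` run from the reply above) is in place.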



Re: loading ipfw module without default-deny

2003-03-06 Thread Fernando Gleiser
On Thu, 6 Mar 2003, Josh Brooks wrote:


> Hello,
>
> I want to:
>
> kldload ipfw.ko
>
> but I am not near the physical machine, and cannot type in an allow rule
> after loading the module - by default all traffic will be denied.
>
> How can I load the ipfw.ko module but not knock myself off the network ?
>
> My only thought was to put an `ipfw add` rule into a cron job to run one
> minute after I load the module, but that seems silly :)


Try this:
# cd /sys/modules/ipfw
edit Makefile and uncomment the line:
#CFLAGS+= -DIPFIREWALL_DEFAULT_TO_ACCEPT
Then 'make; make install'


You may have to do a 'make clean' before if you already compiled the module.
After that, you'll have an ipfw.ko with a default accept policy.

Hope this helps


Fer

