On 10/10/05, Brian E. Conklin <[EMAIL PROTECTED]> wrote: > > So I am assuming because IPFW is built into the kernel with a "default to > deny" option, I will need an IPFW rule allowing everything? Or, can I change > my rc.conf to have IPFIREWALL_ENABLE="NO"? >
IPFW can be compiled static into the kernel, or it can be loaded as a module. My understanding is that when loading as a module, default deny is your only option. If you compile into the kernel with "options IPFFIREWALL_DEFAULT_TO_ACCEPT" then you get the obvious results. This is all in the handbook by the way: http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/firewalls-ipfw.html Aaron _______________________________________________ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"