One big mistake by my part. like you see below, i was having problems with secure level and ipf, but the problem was this:
My old /etc/rc.conf was: kernel_securelevel=3 But after checking man rc.conf again, is kern_securelevel This way rc.conf dont let freebsd set that variable, now i can run ipf with the secure level 3, thanks to all. On Apr 4, 2005 9:06 AM, perikillo <[EMAIL PROTECTED]> wrote: > > Hi all, i was testing my firewaill with Freebsd 4.11 Release and ipf on > the kernel. I have ppp setup to run on every time i turn on the system, i > was using securelevel=2 on the /etc/sysctl.conf > kern.securelevel=2 > and /etc/rc.conf > /etc/rc.conf: > kernel_securelevel=2 > > After i see that my firewall was ready to start his job, i decide to > change the secure level to paranoid level and change the secure level to 3: > /etc/sysctl.conf: > kern.securelevel=3 > /etc/rc.conf: > kernel_securelevel=3 > > Went i restart my computer, and try to access with my other computer wich > use Windows 2k, i try to access the internet, and see that my browser dont > find nothing, make some test on it, but no access to the outside world. I go > back to my firewall and test the conecction: > > test#ifconfig > > This show that i was conected, then test with ping, fastest_cvsup none of > then reach the outside world. After this i test ipf : > > test#ipfstat -hio > upsssssssssssssss, dont have any rules on my firewall, the i go to: > > test# ee /var/log/console > > I go to the end of the file and read my last boot up messages and see that > went my system try read the /etc/ipf.rules and /etc/ipmon.rules the system > secure level=3 on /etc/syctl.conf dont let ipf and ipnat to charge his rules > set. > "Operation Not Permite" (something like this mmmm dont remember the right > messages :-\) > > /etc/sysctl.conf goes before /etc/rc.conf, i was thinking that if i setup > securelevel=1 on sysctl.conf and then on rc.conf after ipf and ppp start, > setup securelevel to 3, but my rc.conf dosent do nothing. > > How can i reach securelevel=3 and run my firewall, i dont want to input > nothing directly i want that baby(freebsd) do every thing automatically, > maybe i need to setup a script??? > > Or i am doing something wrong? > > I read man init but dont see nothing about this issue... > > Thanks all for your comments. > NOTE: Freebsd 4.11 Release, ipfilter compile in the kernel. This machine > run only my firewall no servers is an old pentium 100Mhz. I try to write my > best english. > > > > _______________________________________________ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
