Re: Diskless Success...Almost
- From: Clemens Zauner <cz+usenet@xxxxxxxxxxxxxx>
- Date: Fri, 4 Apr 2008 19:58:00 +0000 (UTC)
Vladimir Tserijemiwtz <vladimir.tserijemiwtz@xxxxxxxxxxx> wrote:
problem. When I load ipfw, the default is set to deny all...that's good and
it's the way I want it. But of course the first thing that happens is it
Maybe because you told the module to do so?
denies all and because I'm using nfs it cannot run the fwrules set I have
ready. I guess I could recompile the kernel to allow everything, but that
Yes.
options IPFIREWALL_DEFAULT_TO_ACCEPT #allow everything by default
kind of defeats my purpose of the firewall being a very strict entry point
which denies everything unless specifically allowed.
Make a "last" rule with a "default deny" (one in front of the 65535 of the
system):
65534 deny ip from any to any
HTH
Clemens.
--
/"\ http://czauner.onlineloop.com/
\ / ASCII RIBBON CAMPAIGN
X AGAINST HTML MAIL
/ \ AND POSTINGS
.
- References:
- Diskless Success...Almost
- From: Vladimir Tserijemiwtz
- Diskless Success...Almost
- Prev by Date: Re: FreeBSD 7 on Sparc64
- Next by Date: Re: Diskless Still Not Working
- Previous by thread: Diskless Success...Almost
- Index(es):
Relevant Pages
|
