[prev in list] [next in list] [prev in thread] [next in thread]
List: freebsd-doc
Subject: Re: lack in the firewall chapter
From: "Simon L. Nielsen" <simon () freebsd ! org>
Date: 2003-10-28 14:19:33
[Download RAW message or body]
On 2003.10.28 09:09:06 -0500, Ken Smith wrote:
> On Tue, Oct 28, 2003 at 12:00:41PM -0200, Gabriel C. de Barros wrote:
>
> > i've spend two days trying to set ipfw or ipf .. before i understant that i
> > should lower my kernel security settings before messing with the rules.
> >
> > I think the handbook should mention that, at least in a footnote or
> > something.
> >
> > It was hard to find the answer, but while searching for it, i realized it's
> > a very common new-user mistake.
>
> I have a couple of ipfw related PR's I need to work on, I can take
> care of this as part of finishing those up.
>
> Basically you're saying if you have raised the security level of the
> kernel above 0 you can no longer change the ipfw rules.
From ipfw(8):
· The ipfw filter list may not be modified if the system security level
is set to 3 or higher (see init(8) for information on system security
levels).
I haven't tested it, and I seem to remember some problems with
securelevel and ipfw not being honored correctly in the past, so you
might want to check the source.
--
Simon L. Nielsen
FreeBSD Documentation Team
[Attachment #3 (application/pgp-signature)]
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic