ipfw
Lee Brotherston
lee at nerds.org.uk
Tue Jul 2 12:12:28 BST 2002
On Tue, Jul 02, 2002 at 12:00:40PM +0100, Mark Hughes wrote:
> > I have a rule in my ipfw saying:-
> >
> > 65535 deny ip from any to any
> >
> > does anyone know how to remove this?
>
>
> Think it's a kernel config option you need to change then recompile your
> kernel - default_deny to false, I think. It'd be easier just to add in a
> rule with a number lower than 65535 saying allow ip from any to any, if
> you're sure you want to do that.
65535 is set by the kernel when ipfw is compiled in, after all without
a default rule what would it do when it got a packet ;)
It defaults to deny, but you can set it to default accept with this
line in your kernel:
options IPFIREWALL_DEFAULT_TO_ACCEPT
Or yeah, you could just:
ipfw add 65534 allow ip from any to any
Thanks
Lee
--
Lee Brotherston - <lee at nerds.org.uk>
http://www.nerds.org.uk - "Use the source Luke"
More information about the Ukfreebsd
mailing list