On Mon, Jul 29, 2013 at 12:27:40PM +0100, Karl Pielorz wrote: > > > --On 29 July 2013 13:02 +0200 Stefan Esser <s...@freebsd.org> wrote: > > > I guess you were looking for: > > > > net.inet.ip.fw.default_to_accept="1" > > > > which is a tunable to be set in /boot/loader.conf ... > > Very probably - but that's at boot time :( - Is there nothing I can do at > kldload time to have the initial kldload give me a 'allow ip from any to > any' rule as it loads? (thus not affecting traffic on the machine, or more > importantly the CARP interfaces)?
kenv net.inet.ip.fw.default_to_accept=1 should have the same effect after the usermode is booted. Kenv must be set before the module is loaded.
pgpMRufLjGHVb.pgp
Description: PGP signature
