Re: [CFR] unified rc.firewall

2009-12-02 Thread Hajimu UMEMOTO
Hi,
> On Mon, 30 Nov 2009 13:00:03 -0500
> John Baldwin said:
jhb> I think you can just remove the ipv6_firewall_* variables from
jhb> /etc/defaults/rc.conf completely. Perhaps you can use 'set_rcvar_obsolete'
jhb> in /etc/rc.firewall to emit a warning if ipv6_firewall_enable is defined

Re: [CFR] unified rc.firewall

2009-11-30 Thread John Baldwin
On Wednesday 25 November 2009 11:01:16 am Hajimu UMEMOTO wrote:
> Hi,
>
> > On Mon, 23 Nov 2009 12:55:25 -0500
> > John Baldwin said:
>
> I updated the patch.
>
> jhb> I had missed the me vs any. It is true that the equivalent rule would use
> jhb> me6. I would rather figure out th

Re: [CFR] unified rc.firewall

2009-11-25 Thread Hajimu UMEMOTO
Hi,
> On Mon, 23 Nov 2009 12:55:25 -0500
> John Baldwin said:
I updated the patch.
jhb> I had missed the me vs any. It is true that the equivalent rule would use
jhb> me6. I would rather figure out the IPv6 bug so that TCP is treated the
jhb> same for both protocols instead of having

Re: [CFR] unified rc.firewall

2009-11-24 Thread Hajimu UMEMOTO
Hi,
> On Mon, 23 Nov 2009 10:27:43 -0800
> Benjamin Lee said:
ben> There is a bug in ipfw send_pkt() that prevents ipfw_tick() from
ben> functioning for IPv6. See PR kern/117234.
I confirmed that the patch fixed the problem. Thank you for letting me know.
Sincerely,
--
Hajimu UMEMOT

Re: [CFR] unified rc.firewall

2009-11-23 Thread Kevin Oberman
> From: John Baldwin > Date: Mon, 23 Nov 2009 12:55:25 -0500 > Sender: owner-freebsd-curr...@freebsd.org > > On Monday 23 November 2009 12:27:23 pm Hajimu UMEMOTO wrote: > > Hi, > > > > > On Mon, 23 Nov 2009 10:56:14 -0500 > > > John Baldwin said: > > > > jhb> @@ -178,6 +212,16 @@ > >

Re: [CFR] unified rc.firewall

2009-11-23 Thread Benjamin Lee
On 11/23/2009 09:55 AM, John Baldwin wrote: > On Monday 23 November 2009 12:27:23 pm Hajimu UMEMOTO wrote: >> Hi, >> >>> On Mon, 23 Nov 2009 10:56:14 -0500 >>> John Baldwin said: >> jhb> # For services permitted below. >> jhb> ${fwcmd} add pass tcp from me to any establish

Re: [CFR] unified rc.firewall

2009-11-23 Thread John Baldwin
On Monday 23 November 2009 12:27:23 pm Hajimu UMEMOTO wrote: > Hi, > > > On Mon, 23 Nov 2009 10:56:14 -0500 > > John Baldwin said: > > jhb> @@ -178,6 +212,16 @@ > jhb> # Allow any traffic to or from my own net. > jhb> ${fwcmd} add pass all from me to ${net} > jhb>

Re: [CFR] unified rc.firewall

2009-11-23 Thread Hajimu UMEMOTO
Hi, > On Mon, 23 Nov 2009 10:56:14 -0500 > John Baldwin said: jhb> @@ -178,6 +212,16 @@ jhb> # Allow any traffic to or from my own net. jhb> ${fwcmd} add pass all from me to ${net} jhb> ${fwcmd} add pass all from ${net} to me jhb> + if [ -n "$net6" ]; then j

Re: [CFR] unified rc.firewall

2009-11-23 Thread Bjoern A. Zeeb
On Mon, 23 Nov 2009, John Baldwin wrote: On Monday 23 November 2009 10:13:54 am Hajimu UMEMOTO wrote: Hi, On Sun, 22 Nov 2009 11:12:33 -0800 Doug Barton said: dougb> In rc.firewall you seem to have copied afexists() from network.subr. dougb> Is there a reason that you did not simply source

Re: [CFR] unified rc.firewall

2009-11-23 Thread John Baldwin
On Monday 23 November 2009 10:13:54 am Hajimu UMEMOTO wrote:
> Hi,
>
> > On Sun, 22 Nov 2009 11:12:33 -0800
> > Doug Barton said:
>
> dougb> In rc.firewall you seem to have copied afexists() from network.subr.
> dougb> Is there a reason that you did not simply source that file? That wou

Re: [CFR] unified rc.firewall

2009-11-23 Thread Hajimu UMEMOTO
Hi,
> On Sun, 22 Nov 2009 11:12:33 -0800
> Doug Barton said:
dougb> In rc.firewall you seem to have copied afexists() from network.subr.
dougb> Is there a reason that you did not simply source that file? That would
dougb> be the preferred method. Also in that file you call "if afexists d

Re: [CFR] unified rc.firewall

2009-11-22 Thread Doug Barton
Hajimu UMEMOTO wrote:
> Hi,
>
> The ipfw and ip6fw were unified into ipfw2, now. But, we still have
> rc.firewall and rc.firewall6. However, there are conflicts with each
> other, and it confuses the users, IMHO.
> So, I made a patch to unify rc.firewall and rc.firewall6, and obsolete
> rc.firew

[CFR] unified rc.firewall

2009-11-22 Thread Hajimu UMEMOTO
Hi, The ipfw and ip6fw were unified into ipfw2, now. But, we still have rc.firewall and rc.firewall6. However, there are conflicts with each other, and it confuses the users, IMHO. So, I made a patch to unify rc.firewall and rc.firewall6, and obsolete rc.firewall6 and rc.d/ip6fw. Please review t