Re: [CFR] unified rc.firewall

2009-12-02 Thread Hajimu UMEMOTO
Hi,

> On Mon, 30 Nov 2009 13:00:03 -0500
> John Baldwin said:

jhb> I think you can just remove the ipv6_firewall_* variables from
jhb> /etc/defaults/rc.conf completely. Perhaps you can use 'set_rcvar_obsolete'
jhb> in /etc/rc.firewall to emit a warning if ipv6_firewall_enable is defined

Re: [CFR] unified rc.firewall

2009-11-30 Thread John Baldwin
On Wednesday 25 November 2009 11:01:16 am Hajimu UMEMOTO wrote:
> Hi,
>
> > On Mon, 23 Nov 2009 12:55:25 -0500
> > John Baldwin said:
>
> I updated the patch.
>
> jhb> I had missed the me vs any. It is true that the equivalent rule would use
> jhb> me6. I would rather figure out th

Re: [CFR] unified rc.firewall

2009-11-25 Thread Hajimu UMEMOTO
Hi,

> On Mon, 23 Nov 2009 12:55:25 -0500
> John Baldwin said:

I updated the patch.

jhb> I had missed the me vs any. It is true that the equivalent rule would use
jhb> me6. I would rather figure out the IPv6 bug so that TCP is treated the
jhb> same for both protocols instead of having

Re: [CFR] unified rc.firewall

2009-11-24 Thread Hajimu UMEMOTO
Hi,

> On Mon, 23 Nov 2009 10:27:43 -0800
> Benjamin Lee said:

ben> There is a bug in ipfw send_pkt() that prevents ipfw_tick() from
ben> functioning for IPv6. See PR kern/117234.

I confirmed that the patch fixed the problem. Thank you for letting me know.

Sincerely,

-- Hajimu UMEMOT

Re: [CFR] unified rc.firewall

2009-11-23 Thread Kevin Oberman
> From: John Baldwin > Date: Mon, 23 Nov 2009 12:55:25 -0500 > Sender: owner-freebsd-curr...@freebsd.org > > On Monday 23 November 2009 12:27:23 pm Hajimu UMEMOTO wrote: > > Hi, > > > > > On Mon, 23 Nov 2009 10:56:14 -0500 > > > John Baldwin said: > > > > jhb> @@ -178,6 +212,16 @@ > >

Re: [CFR] unified rc.firewall

2009-11-23 Thread Benjamin Lee
On 11/23/2009 09:55 AM, John Baldwin wrote: > On Monday 23 November 2009 12:27:23 pm Hajimu UMEMOTO wrote: >> Hi, >> >>> On Mon, 23 Nov 2009 10:56:14 -0500 >>> John Baldwin said: >> jhb> # For services permitted below. >> jhb> ${fwcmd} add pass tcp from me to any establish

Re: [CFR] unified rc.firewall

2009-11-23 Thread John Baldwin
On Monday 23 November 2009 12:27:23 pm Hajimu UMEMOTO wrote: > Hi, > > > On Mon, 23 Nov 2009 10:56:14 -0500 > > John Baldwin said: > > jhb> @@ -178,6 +212,16 @@ > jhb> # Allow any traffic to or from my own net. > jhb> ${fwcmd} add pass all from me to ${net} > jhb>

Re: [CFR] unified rc.firewall

2009-11-23 Thread Hajimu UMEMOTO
Hi, > On Mon, 23 Nov 2009 10:56:14 -0500 > John Baldwin said: jhb> @@ -178,6 +212,16 @@ jhb> # Allow any traffic to or from my own net. jhb> ${fwcmd} add pass all from me to ${net} jhb> ${fwcmd} add pass all from ${net} to me jhb> + if [ -n "$net6" ]; then j

Re: [CFR] unified rc.firewall

2009-11-23 Thread Bjoern A. Zeeb
On Mon, 23 Nov 2009, John Baldwin wrote: On Monday 23 November 2009 10:13:54 am Hajimu UMEMOTO wrote: Hi, On Sun, 22 Nov 2009 11:12:33 -0800 Doug Barton said: dougb> In rc.firewall you seem to have copied afexists() from network.subr. dougb> Is there a reason that you did not simply source

Re: [CFR] unified rc.firewall

2009-11-23 Thread John Baldwin
On Monday 23 November 2009 10:13:54 am Hajimu UMEMOTO wrote:
> Hi,
>
> > On Sun, 22 Nov 2009 11:12:33 -0800
> > Doug Barton said:
>
> dougb> In rc.firewall you seem to have copied afexists() from network.subr.
> dougb> Is there a reason that you did not simply source that file? That wou

Re: [CFR] unified rc.firewall

2009-11-23 Thread Hajimu UMEMOTO
Hi,

> On Sun, 22 Nov 2009 11:12:33 -0800
> Doug Barton said:

dougb> In rc.firewall you seem to have copied afexists() from network.subr.
dougb> Is there a reason that you did not simply source that file? That would
dougb> be the preferred method. Also in that file you call "if afexists d

Re: [CFR] unified rc.firewall

2009-11-22 Thread Doug Barton
Hajimu UMEMOTO wrote:
> Hi,
>
> The ipfw and ip6fw were unified into ipfw2, now. But, we still have
> rc.firewall and rc.firewall6. However, there are conflicts with each
> other, and it confuses the users, IMHO.
> So, I made a patch to unify rc.firewall and rc.firewall6, and obsolete
> rc.firew