In my custom kernel with IPFIREWALL_DEFAULT_TO_ACCEPT, I see the OID
(net.inet.ip.fw.default_to_accept), which is present in the system, and I can control it through loader.conf.
But ipfw.ko from the GENERIC kernel does not produce this OID, so booting the machine on the GENERIC kernel with FIREWALL and "65535 pass ip from any to any" is not possible.
In /usr/src/sys/netinet/ipfw/ip_fw2.c
I see:
Code:
#ifdef SYSCTL_NODE
...
SYSCTL_INT(_net_inet_ip_fw, OID_AUTO, default_to_accept, CTLFLAG_RDTUN,
    &default_to_accept, 0, "Make the default rule accept all packets.");
TUNABLE_INT("net.inet.ip.fw.default_to_accept", &default_to_accept);
#endif /* SYSCTL_NODE */
What is SYSCTL_NODE, and why is net.inet.ip.fw.default_to_accept not produced in ipfw.ko without IPFIREWALL_DEFAULT_TO_ACCEPT?