# rc.conf-style settings: enable the firewall and select the "client" ruleset
# type that /etc/rc.firewall implements.
firewall_enable="YES" # Set to YES to enable firewall functionality
firewall_type="client" # Firewall type (see /etc/rc.firewall)
firewall_client_net="192.0.2.0/24" # IPv4 network address for the "client"
# firewall. 192.0.2.0/24 is a documentation-only range; substitute the real
# local network prefix.
#firewall_client_net_ipv6="2001:db8:2:1::/64" # IPv6 network prefix for the
# "client" firewall. Left commented out here; 2001:db8::/32 is likewise a
# documentation-only prefix.
Then the whole update process will simply croak. What if I create an empty file and set the schg flag on it?
#!/bin/sh
# "Open" ruleset, taken from the open type in /etc/rc.firewall (Handbook
# section 29.4). While it is loaded every packet is accepted, so no filtering
# is in effect; reload the regular ruleset when finished.

# Wrapper so every call carries -q. Quiet mode matters when the script is run
# over a remote login: output printed while the list is being flushed can
# close the session before the remaining rules are added.
fw() {
  ipfw -q "$@"
}

# Empty the rule list first; -f skips the confirmation prompt.
fw -f flush

# Single catch-all rule: accept all traffic in both directions.
fw add 65000 allow all from any to any
Run `sh /etc/ipfw.rules.open`. With `sh /etc/ipfw.rules`, assumed to be the current configuration, the firewall should be back to normal.
How to switch from my rules to 'open' rules and reverse?
What kind of services do you use without the firewall?
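# Restrictive ruleset: em0 and loopback are unfiltered, wlan0 is limited to
# outbound web traffic plus NTP to one server, everything else is dropped and
# logged. ipfw evaluates rules in ascending number order and stops at the
# first match.

# Remove every existing rule before reloading (-f: no prompt, -q: no output).
ipfw -q -f flush

# Pass all traffic on the wired interface and on loopback.
# NOTE(review): rule 0010 trusts everything arriving on em0; confirm that
# interface only faces a trusted network.
ipfw -q add 0010 allow all from any to any via em0
ipfw -q add 0020 allow all from any to any via lo0

# Drop fragments, and drop packets that carry a loopback address but were not
# accepted by rule 0020 (i.e. did not travel over lo0).
ipfw -q add 0030 deny all from any to any frag
ipfw -q add 0031 deny all from any to 127.0.0.0/8
ipfw -q add 0032 deny all from 127.0.0.0/8 to any

# DNS over wlan0 is currently disabled; with these two rules commented out,
# lookups leaving via wlan0 fall through to the final deny in rule 1000.
#ipfw -q add 0040 allow tcp from me to any 53 out via wlan0 setup keep-state
#ipfw -q add 0050 allow udp from me to any 53 out via wlan0 keep-state

# Outbound HTTP and HTTPS. There is no explicit check-state rule, so the
# dynamic rules created by keep-state are consulted at the first keep-state
# rule (0060), which is where reply packets get accepted.
ipfw -q add 0060 allow tcp from me to any 80 out via wlan0 setup keep-state
ipfw -q add 0070 allow tcp from me to any 443 out via wlan0 setup keep-state

# NTP to a single server. ipfw expects the port as a separate word after the
# address; the previous "address:123" form is read as address:netmask, so the
# rule was not limited to port 123 and could match more than this one host.
ipfw -q add 0071 allow udp from me to 153.19.250.123 123 out via wlan0 keep-state

# Outbound UDP 443.
ipfw -q add 0075 allow udp from me to any 443 out via wlan0 keep-state

# Drop all ICMP on wlan0.
# NOTE(review): this also discards ICMP error messages such as
# "fragmentation needed"; confirm path MTU discovery is not relied on.
ipfw -q add 0080 deny icmp from any to any via wlan0

# Drop TCP segments that claim to belong to an established connection but
# matched none of the dynamic rules above.
ipfw -q add 0090 deny tcp from any to any established via wlan0

# Default: drop and log whatever is left. Log entries are only produced when
# ipfw logging is enabled (firewall_logging in rc.conf).
ipfw -q add 1000 deny log all from any to any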