Return to BSD News archive
Xref: sserve comp.os.386bsd.questions:16382 comp.os.386bsd.misc:5195 comp.os.386bsd.bugs:2953 Path: sserve!newshost.anu.edu.au!harbinger.cc.monash.edu.au!bunyip.cc.uq.oz.au!munnari.oz.au!hpg30a.csc.cuhk.hk!news.hk.net!howland.reston.ans.net!agate!violet.berkeley.edu!jkh From: jkh@violet.berkeley.edu (Jordan K. Hubbard) Newsgroups: comp.os.386bsd.questions,comp.os.386bsd.misc,comp.os.386bsd.bugs Subject: Re: FreeBSD 2.0: ipfirewall kernl config Date: 2 Feb 1995 09:05:37 GMT Organization: University of California, Berkeley Lines: 24 Message-ID: <3gq791$hrj@agate.berkeley.edu> References: <3gaudh$1k@clarknet.clark.net> <3gb3i4$4d6@homer.alpha.net> <D3B95s.EAr@asstdc.scgt.oz.au> <3govp5$raa@clarknet.clark.net> NNTP-Posting-Host: violet.berkeley.edu In article <3govp5$raa@clarknet.clark.net>, Robert Watson <rwatson@clark.net> wrote: >: But, whilst parsing correctly, this returns "ipfw: setsockopt failed" on >: SNAP-950112 :-( :-( > >I think that's because you don't have accounting enabled. Our firewall >is now working, but we get that because the accounting symbols aren't >compiled into our kernel. Of course, I could be mistaken ;) I know that this code has been undergoing a lot of revision lately, and that the doc is not always the most readable given that the author's native tongue is russian, but I believe what's in the very next snap (950202, and due to be released in a matter of hours) is quite improved and become slowly more so. I strongly urge anyone interested in FreeBSD's firewall code to talk with the original author, Ugen J.S.Antsilevich <ugen@freebsd.org> - he's always interested in feedback and suggestions! Additionally, and it must be said, if FreeBSD's firewall handling is to get *truly* good for handling industrial-strength firewall applications then it's only going to be because some of its users stepped forward and got more actively involved. We're not BSDI here, and we have to rely heavily on user contributions and feedback to really move quickly on any issue. Jordan