diff options
| author | Darren Reed <darrenr@FreeBSD.org> | 2001-11-24 15:36:30 +0000 |
|---|---|---|
| committer | Darren Reed <darrenr@FreeBSD.org> | 2001-11-24 15:36:30 +0000 |
| commit | 2129325c098760fe01d1b7b452c0d16ae56381b9 (patch) | |
| tree | af7dbbd8a5528518ab68bb8f20913312af48aa71 /etc/defaults | |
| parent | 2c9fb90995c4e551d4f668f5a87309cea17c4f75 (diff) | |
| download | src-2129325c098760fe01d1b7b452c0d16ae56381b9.tar.gz src-2129325c098760fe01d1b7b452c0d16ae56381b9.zip | |
second part of the patches to complete ipf changes to rc
PR: multiple
Submitted by: Arjan de Vet <devet@devet.org>
Notes
Notes:
svn path=/head/; revision=86856
Diffstat (limited to 'etc/defaults')
| -rw-r--r-- | etc/defaults/rc.conf | 20 |
1 files changed, 8 insertions, 12 deletions
diff --git a/etc/defaults/rc.conf b/etc/defaults/rc.conf index a1245d100dcb..f0b61487f024 100644 --- a/etc/defaults/rc.conf +++ b/etc/defaults/rc.conf @@ -61,25 +61,21 @@ natd_enable="NO" # Enable natd (if firewall_enable == YES). natd_interface="fxp0" # Public interface or IPaddress to use. natd_flags="" # Additional flags for natd. ipfilter_enable="NO" # Set to YES to enable ipfilter functionality -ipfilter_program="/sbin/ipf -Fa -f" - # program and how to specify the rules file, - # see /etc/rc.network (pass1) for details +ipfilter_program="/sbin/ipf" # where the ipfilter program lives ipfilter_rules="/etc/ipf.rules" # rules definition file for ipfilter, see # /usr/src/contrib/ipfilter/rules for examples -ipfilter_flags="-E" # should be *empty* when ipf is _not_ a module - # (i.e. compiled into the kernel) to - # avoid a warning about "already initialized" -ipnat_enable="NO" # Set to YES for ipnat; needs ipfilter, too! -ipnat_program="/sbin/ipnat -CF -f" # program and how to specify rules file +ipfilter_flags="" # additional flags for ipfilter +ipnat_enable="NO" # Set to YES to enable ipnat functionality +ipnat_program="/sbin/ipnat" # where the ipnat program lives ipnat_rules="/etc/ipnat.rules" # rules definition file for ipnat ipnat_flags="" # additional flags for ipnat +ipmon_enable="NO" # Set to YES for ipmon; needs ipfilter or ipnat +ipmon_program="/sbin/ipmon" # where the ipfilter monitor program lives +ipmon_flags="-Ds" # typically "-Ds" or "-D /var/log/ipflog" ipfs_enable="NO" # Set to YES to enable saving and restoring # of state tables at shutdown and boot -ipfs_flags="" # additional flags for ipfs ipfs_program="/sbin/ipfs" # where the ipfs program lives -ipmon_enable="NO" # Set to YES for ipmon; needs ipfilter, too! -ipmon_program="/sbin/ipmon" # where the ipfilter monitor program lives -ipmon_flags="-Ds" # typically "-Ds" or "-D /var/log/ipflog" +ipfs_flags="" # additional flags for ipfs tcp_extensions="YES" # Set to NO to turn off RFC1323 extensions. log_in_vain="NO" # YES to log connects to ports w/o listeners. tcp_keepalive="YES" # Enable stale TCP connection timeout (or NO). |