net.inet.ip.fw.enable=1

Bill Fumerola billf at FreeBSD.org
Thu Jul 21 01:32:07 GMT 2005


On Wed, Jul 20, 2005 at 03:41:47PM -0700, Muk Dunkin wrote:
> Does anyone know what's the reason why
> net.inet.ip.fw.enable was set to 1 as the default? 
> I've tried setting it to 0 and reboot,
> net.inet.ip.fw.enable was reset to 1.  Being that, all
> packets will go thru the firewall code even if  there
> was no active firewall rules in place.

changes to sysctls are not persistent. of course, you could program
something to record the value on shutdown and restore on boot.  that'd
be overkill, look at the firewall_* directives for rc.conf.

regardless, packets will not go very far into the firewall code if no
rules are present. i would seriously doubt you could observe any
performance difference.

-- 
- bill fumerola / billf at FreeBSD.org



