Add a small note about using a sysctl instead of recompiling the
kernel. PR: 31976 Submitted by: Marc Silver <marcs@riffraff.plig.net>
This commit is contained in:
Murray Stokely
parent
a15f897fee
commit
a8a2275f0d
Notes:
svn2git
2020-12-08 03:00:23 +00:00
svn path=/head/; revision=11205
1 changed files with 4 additions and 2 deletions
|
|
@ -213,7 +213,7 @@ $fwcmd add allow tcp from any to any out xmit tun0 setup
|
||||||
$fwcmd add allow tcp from any to any via tun0 established
|
$fwcmd add allow tcp from any to any via tun0 established
|
||||||
|
|
||||||
# Everyone on the internet is allowed to connect to the following
|
# Everyone on the internet is allowed to connect to the following
|
||||||
# services on the machine. This example shows that people may connect
|
# services on the machine. This example specifically allows connections
|
||||||
# to ssh and apache.
|
# to ssh and apache.
|
||||||
$fwcmd add allow tcp from any to any 80 setup
|
$fwcmd add allow tcp from any to any 80 setup
|
||||||
$fwcmd add allow tcp from any to any 22 setup
|
$fwcmd add allow tcp from any to any 22 setup
|
||||||
|
|
@ -284,7 +284,9 @@ $fwcmd add 65435 deny log ip from any to any</programlisting>
|
||||||
command. Alternatively, you may increase the log limit in
|
command. Alternatively, you may increase the log limit in
|
||||||
your kernel configuration with the
|
your kernel configuration with the
|
||||||
<option>IPFIREWALL_VERBOSE_LIMIT</option> option as
|
<option>IPFIREWALL_VERBOSE_LIMIT</option> option as
|
||||||
described above.</para>
|
described above. You may also change this limit (without
|
||||||
|
recompiling your kernel and having to reboot) by using the
|
||||||
|
net.inet.ip.fw.verbose_limit &man.sysctl.8; value.</para>
|
||||||
</answer>
|
</answer>
|
||||||
</qandaentry>
|
</qandaentry>
|
||||||
|
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue