netbsd-help: Re: got "/ipf.core"

Subject: Re: got "/ipf.core"
To: Henry Nelson <henry@irm.nara.kindai.ac.jp>
From: Patrick Welche <prlw1@newn.cam.ac.uk>
List: netbsd-help
Date: 03/23/2000 10:04:19

On Thu, Mar 23, 2000 at 11:17:43AM +0900, Henry Nelson wrote:
>
> If the rules are not read in because of an ipf core dump (I'm not saying
> that is the case, because I plain don't know.), doesn't that mean that the
> kernel's ipfilter module would fall back to the default rules?  Isn't the
> default PASS IN/OUT ALL?

Adding

options         IPFILTER_DEFAULT_BLOCK

to your kernel config changes the default to block all...

Cheers,

Patrick