Mention IPFIREWALL_DEFAULT_TO_ACCEPT and it's effect on rule 65535.

2026-04-28 17:49:22 -04:00 · 1997-09-10 03:11:36 +00:00 · 1997-09-10 03:11:36 +00:00 · d6fd8b89df
commit d6fd8b89df
parent ffdd472de7
1 changed files with 6 additions and 3 deletions
--- a/share/man/man4/ipfirewall.4
+++ b/share/man/man4/ipfirewall.4
@ -1,5 +1,5 @@
 .\"
-.\"     $Id: ipfirewall.4,v 1.6.2.2 1997/03/07 03:07:41 mpp Exp $
+.\"     $Id: ipfirewall.4,v 1.10 1997/06/23 02:12:21 julian Exp $
 .\"
 .Dd June 22, 1997
 .Dt IPFIREWALL 4
@ -23,8 +23,11 @@ which point the corresponding action is taken. Rules are numbered
 from 1 to 65534; multiple rules may share the same number.
 .Pp
 There is one rule that always exists, rule number 65535. This rule
-causes all packets to be dropped. Hence, any packet which does not
-match a lower numbered rule will be dropped.
+normally causes all packets to be dropped. Hence, any packet which does not
+match a lower numbered rule will be dropped.  However, a kernel compile
+time option
+.Dq IPFIREWALL_DEFAULT_TO_ACCEPT
+allows the administrator to change this fixed rule to permit everything.
 .Pp
 The value passed to 
 .Fn setsockopt