Bug 21777

Summary: IPFILTER_DEFAULT_BLOCK isn't mentioned anywhere
Product: Base System Reporter: Roman Shterenzon <roman>
Component: confAssignee: Darern Reed <darrenr>
Status: Closed FIXED    
Severity: Affects Only Me    
Priority: Normal    
Version: 4.1-STABLE   
Hardware: Any   
OS: Any   

Description Roman Shterenzon 2000-10-06 01:50:01 UTC 
The kernel config option IPFILTER_DEFAULT_BLOCK isn't mentioned anywhere.
Please add it to LINT.

Fix: 

Please add it to /usr/src/sys/i386/conf/LINT
How-To-Repeat: 
grep IPFILTER_DEFAULT_BLOCK /usr/src/sys/i386/conf/LINT
Comment 1 Roman Shterenzon 2000-10-14 01:16:15 UTC 
Here's a patch:

--- /usr/src/sys/i386/conf/LINT	Wed Oct 11 14:06:42 2000
+++ LINT	Sat Oct 14 02:56:47 2000
@@ -528,6 +528,7 @@
 options 	IPDIVERT		#divert sockets
 options 	IPFILTER		#ipfilter support
 options 	IPFILTER_LOG		#ipfilter logging
+options 	IPFILTER_DEFAULT_BLOCK	#deny everything by default
 options 	IPSTEALTH		#support for stealth forwarding
 options 	TCPDEBUG

--Roman Shterenzon, UNIX System Administrator and Consultant
[ Xpert UNIX Systems Ltd., Herzlia, Israel. Tel: +972-9-9522361 ]
Comment 2 Johan Karlsson freebsd_committer freebsd_triage 2000-10-14 15:40:28 UTC 
Responsible Changed
From-To: freebsd-bugs->darrenr

Over to ipfilter maintainer.
Comment 3 jkh freebsd_committer freebsd_triage 2001-02-12 02:36:53 UTC 
State Changed
From-To: open->closed

MFC'd and closed