Date: Wed, 12 Jun 2002 21:19:05 -0500 From: rahermon@iastate.edu To: <sroberts@dsl.pipex.com> Cc: <freebsd-questions@FreeBSD.ORG> Subject: RE: Your earlier maillog post Message-ID: <004401c21280$b4240ad0$8404a8c0@TheGetto> In-Reply-To: <1023863380.325.11.camel@Demon.Strobe.org>
next in thread | previous in thread | raw e-mail | index | archive | help
I was looking at the ipfw rules on your post "IPFW error, help?" and I
did not notice the following which can explain access denied to
localhost.
# Allow loopbacks, deny imposters
${fwcmd} add 100 pass all from any to any via lo0
${fwcmd} add 200 deny all from any to 127.0.0.0/8
# Stop spoofing
${fwcmd} add deny all from ${inet}:${imask} to any in via ${oif}
${fwcmd} add deny all from ${onet}:${omask} to any in via ${iif}
The above are just after flush on my rules. But my definitions are
before, I guess what I am trying to say is that just make sure the above
rules are the first rules.
Regards,
Ramon
> -----Original Message-----
> From: owner-freebsd-questions@FreeBSD.ORG
> [mailto:owner-freebsd-questions@FreeBSD.ORG] On Behalf Of S. Roberts
> Sent: Wednesday, June 12, 2002 1:30 AM
> To: rahermon@cs.iastate.edu
> Cc: FreeBSD-Questions
> Subject: re: Your earlier maillog post
>
>
> Hi,
> I stumbled across your post in the archives. I'm seeing
> exactly the same formatted messages in the maillog of a box
> here as well: Jun 12 07:03:38 <snip> sm-msp-queue[96453]:
> g5766juA092113: to=root, delay=4+23:56:53, xdelay=00:00:00,
> mailer=relay, pri=22287174, relay=localhost.<snip>.,
> dsn=4.0.0, stat=Deferred: Permission denied ~ $
>
> I wanted to find out if you had gotten an explanation, or
> positive response to your query in the end. I tried sending a
> query to Sendmail.org but couldn't get any joy there either.
>
> Do let me know, please
> Regards,
> Stacey
>
> ok. Maybe if I take it one step at a time. Can anyone tell me
> what this means.
>
> May 31 15:46:04 FW sm-msp-queue[442]: g4R84JFE000560:
> to=root, ctladdr=root (0/0), delay=4+12:41:45,
> xdelay=00:00:00, mailer=relay, pri=18390056,
> relay=localhost.rhbsd.dhs.org., dsn=4.0.0, stat=Deferred:
> Permission denied
>
> Thaks.
> --
> Stacey Roberts B.Sc. (HONS) Computer Science
> Network Systems Engineer
>
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?004401c21280$b4240ad0$8404a8c0>