From owner-freebsd-stable Sun Jun 30 12:21:55 1996 Return-Path: owner-stable Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id MAA08281 for stable-outgoing; Sun, 30 Jun 1996 12:21:55 -0700 (PDT) Received: from etamin.brunel.ac.uk (pp@etamin.brunel.ac.uk [134.83.128.61]) by freefall.freebsd.org (8.7.5/8.7.3) with SMTP id MAA08273 for ; Sun, 30 Jun 1996 12:21:51 -0700 (PDT) Received: from palmer.demon.co.uk by etamin.brunel.ac.uk with SMTP (PP); Sun, 30 Jun 1996 20:21:47 +0100 Received: from palmer.demon.co.uk (localhost [127.0.0.1]) by palmer.demon.co.uk (sendmail/PALMER-2) with ESMTP id UAA11638; Sun, 30 Jun 1996 20:08:46 +0100 (BST) To: rhh@ct.picker.com cc: stable@FreeBSD.ORG From: Gary Palmer Subject: Re: 960627-SNAP - Problem with IPFirewall/portmap In-reply-to: Your message of "Sun, 30 Jun 1996 12:03:50 EDT." <199606301603.MAA19202@elmer.picker.com> Date: Sun, 30 Jun 1996 20:08:45 +0100 Message-ID: <11632.836161725@palmer.demon.co.uk> Sender: owner-stable@FreeBSD.ORG X-Loop: FreeBSD.org Precedence: bulk Randall Hopper wrote in message ID <199606301603.MAA19202@elmer.picker.com>: > Just installed the 2.1-960627-SNAP, and ran into a system > hang-up with it. I spent some time narrowing this down, it appears > that the presence of the IPFIREWALL option causes portmap to refuse > connections. This is the defined behaviour of the IPFIREWALL code. Recent versions have a ``deny everything by default'' behaviour, which even stops ifconfig from working. IMHO, although being the right choice, it's a pain in the proverbials, and also breaks diskless booting if the kernel you are booting has IPFIREWALL in it. Solution: change the IPFIREWALL rules before you try doing ANYTHING else with the networking subsystem. Gary -- Gary Palmer FreeBSD Core Team Member FreeBSD: Turning PC's into workstations. See http://www.FreeBSD.ORG/ for info