From owner-freebsd-bugs  Sun Nov  9 00:45:30 1997
Return-Path: <owner-freebsd-bugs>
Received: (from root@localhost)
          by hub.freebsd.org (8.8.7/8.8.7) id AAA24305
          for bugs-outgoing; Sun, 9 Nov 1997 00:45:30 -0800 (PST)
          (envelope-from owner-freebsd-bugs)
Received: from panda.hilink.com.au (panda.hilink.com.au [203.8.15.25])
          by hub.freebsd.org (8.8.7/8.8.7) with ESMTP id AAA24294
          for <bugs@FreeBSD.ORG>; Sun, 9 Nov 1997 00:45:24 -0800 (PST)
          (envelope-from danny@panda.hilink.com.au)
Received: (from danny@localhost)
	by panda.hilink.com.au (8.8.5/8.8.5) id TAA07015;
	Sun, 9 Nov 1997 19:44:20 +1100 (EST)
Date: Sun, 9 Nov 1997 19:44:20 +1100 (EST)
From: "Daniel O'Callaghan" <danny@panda.hilink.com.au>
To: Richard Furda <rfurda@wgss.net>
cc: "Jordan K. Hubbard" <jkh@time.cdrom.com>, bugs@FreeBSD.ORG
Subject: Re: Firewall
In-Reply-To: <3.0.3.32.19971108211718.00689454@wgss.net>
Message-ID: <Pine.BSF.3.91.971109193925.253M-100000@panda.hilink.com.au>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-bugs@FreeBSD.ORG
X-Loop: FreeBSD.org
Precedence: bulk


On Sat, 8 Nov 1997, Richard Furda wrote:

> I am trying to get my firewall to work. I think that /etc/rc.firewall is
> broken.
> 
> First, the versions:
> 
> FreeBSD gator.wgss.net 2.2.5-STABLE FreeBSD 2.2.5-STABLE #0: Sat Nov  8
> 17:44:52 PST 1997     riso@gator.wgss.net:/usr/src/sys/compile/custom  i386
> 
> $Id: rc.firewall,v 1.6.2.5 1997/10/21 00:20:35 jkh Exp $
> $Id: rc.conf,v 1.1.2.29 1997/10/31 02:00:42 jdp Exp $
> 
> When firewall is specified to 'open' a very important rule is not passed out,
> ipfw add 1000 pass all from any to any

You should have in rc.conf
firewall_enable="YES"
firewall_type="open"

At rc.firewall line 71 $firewall_type is tested for values "open" and "OPEN"
and adds the line 65000 pass all from any to any.

How does this fit with what you are seeing?

Danny