Date: Wed, 31 May 2000 10:48:07 -0400 (EDT) From: Omachonu Ogali <oogali@intranova.net> To: Plamen Stoev <plamen@office.triada.bg> Cc: freebsd-questions@freebsd.org Subject: Re: problem Message-ID: <Pine.BSF.4.10.10005311046550.589-100000@hydrant.intranova.net> In-Reply-To: <633420005331143323477@office.triada.bg>
next in thread | previous in thread | raw e-mail | index | archive | help
If you look closely, you will see that the default is to *deny*, you must either create your own custom firewall rules, or run /etc/rc.firewall with your selection of open, unknown, client, etc. I suggest reading the FreeBSD Handbook for more details on this subject. Also http://www.defcon1.org and http://www.freebsddiary.org are good resources too. On Wed, 31 May 2000, Plamen Stoev wrote: > Hello FreeBSD :) > > I have a problem with my FreeBSD 4.0-STABLE: > > $ whoami > root > $ kldload /modules/ipfw.ko > IP packet filtering initialized, divert enabled, rule-based > forwarding enabled, default to deny, logging enabled > May 31 16:00:27 /kernel: IP packet filtering initialized, divert > enabled, rule-based forwarding enabled, default to deny, > logging enabled > May 31 16:00:27 /kernel: IP packet filtering initialized, divert > enabled, rule-based forwarding enabled, default to deny, > logging enabled > $ ping 127.0.0.1 > PING 127.0.0.1 (127.0.0.1): 56 data bytes > ping: sendto: Permission denied > --- 127.0.0.1 ping statistics --- > 1 packets transmitted, 0 packets received, 100% packet loss > $ kldunload ipfw > IP firewall unloaded > May 31 16:00:50 /kernel: IP firewall unloaded > May 31 16:00:50 /kernel: IP firewall unloaded > $ ping localhost > PING localhost (127.0.0.1): 56 data bytes > 64 bytes from 127.0.0.1: icmp_seq=0 ttl=255 time=0.098 ms > > /etc/rc.firewall is standart, 4.0-RELEASE instalation file > =============================================================== > My kernel file: > > machine i386 > cpu I586_CPU > ident SYSTEM > maxusers 20 > makeoptions DEBUG=-g > options MATH_EMULATE > options INET > options INET6 > options FFS > options FFS_ROOT > options MFS > options MD_ROOT > options NFS > options NFS_ROOT > options MSDOSFS > options CD9660 > options CD9660_ROOT > options PROCFS > options COMPAT_43 > options SCSI_DELAY=15000 > options UCONSOLE > options USERCONFIG > options VISUAL_USERCONFIG > options KTRACE > options SYSVSHM > options SYSVMSG > options SYSVSEM > options P1003_1B > options _KPOSIX_PRIORITY_SCHEDULING > options ICMP_BANDLIM > options MAXCONS=16 > options VESA > options SC_DISABLE_REBOOT > options SC_NORM_REV_ATTR="(FG_YELLOW|BG_GREEN)" > options SC_KERNEL_CONS_ATTR="(FG_RED|BG_BLACK)" > options SC_KERNEL_CONS_REV_ATTR="(FG_BLACK|BG_RED)" > options SC_PIXEL_MODE > options IPFIREWALL > options IPFIREWALL_VERBOSE > options IPFIREWALL_FORWARD > options IPDIVERT > options IPFILTER > options IPFILTER_LOG > device isa > device eisa > device pci > device fdc0 at isa? port IO_FD1 irq 6 drq 2 > device fd0 at fdc0 drive 0 > device fd1 at fdc0 drive 1 > device ata0 at isa? port IO_WD1 irq 14 > device ata1 at isa? port IO_WD2 irq 15 > device ata > device atadisk > device atapicd > device atapifd > device atapist > options ATA_STATIC_ID > device atkbdc0 at isa? port IO_KBD > device atkbd0 at atkbdc? irq 1 > device psm0 at atkbdc? irq 12 > device vga0 at isa? > pseudo-device splash > device sc0 at isa? > options FAT_CURSOR > device npx0 at nexus? port IO_NPX irq 13 > device card > device pcic0 at isa? irq 10 port 0x3e0 iomem 0xd0000 > device pcic1 at isa? irq 11 port 0x3e2 iomem 0xd4000 > device sio0 at isa? port IO_COM1 flags 0x10 irq 4 > device sio1 at isa? port IO_COM2 irq 3 > device sio2 at isa? disable port IO_COM3 irq 5 > device sio3 at isa? disable port IO_COM4 irq 9 > device ppc0 at isa? irq 7 > device ppbus > device lpt > device plip > device ppi > device de > device fxp > device tx > device vx > device wx > device miibus > device dc > device rl > device sf > device sis > device ste > device tl > device vr > device wb > device xl > device ed0 at isa? port 0x280 irq 10 iomem 0xd8000 > device ex > device ep > device wi > device an > device ie0 at isa? port 0x300 irq 10 iomem 0xd0000 > device fe0 at isa? port 0x300 > device le0 at isa? port 0x300 irq 5 iomem 0xd0000 > device lnc0 at isa? port 0x280 irq 10 drq 0 > device cs0 at isa? port 0x300 > device sn0 at isa? port 0x300 irq 10 > pseudo-device loop > pseudo-device ether > pseudo-device sl 1 > pseudo-device ppp 1 > pseudo-device tun > pseudo-device pty > pseudo-device md > pseudo-device gif 4 > pseudo-device faith 1 > pseudo-device bpf > > Where is the problem? > > > > Regards, > Plamen Stoev > Seniot System Administrator > Triada Soft Ltd. [ www.triada.bg ] > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-questions" in the body of the message > -- +-----------------------------------------------------------------------+ | Omachonu Ogali oogali@intranova.net | | Intranova Networking Group http://www.intranova.net | | PGP Key ID: 0xBFE60839 | | PGP Fingerprint: 8 51 14 FD 2A 87 53 D1 E3 AA 12 12 01 93 BD 34 | +-----------------------------------------------------------------------+ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.10.10005311046550.589-100000>