Date: Thu, 13 Dec 2007 01:44:46 -0600
To: freebsd-security@freebsd.org
From: "W. D."
Message-Id: <20071213081155.ABBC813C4D5@mx1.freebsd.org>
Subject: IPFW compiled in kernel: Where is it reading the config?

Hi peeps,

After compiling ipfw into the new 6.2 kernel, and typing "ipfw list", all I get is:

"65535 deny ip from any to any"

From reading the docs, this might indicate that this is the default rule. (I am certainly protected this way--but can't be very productive ;^) )

By the way, when I run "man ipfw" I get nothing. Using this instead:

http://www.hmug.org/man/8/ipfw.php

How to install the man pages?

How do I tell where ipfw is reading its config from? Is there a default config file?

The config file location that I specify in rc.conf doesn't appear to be being used:

firewall_script="/usr/local/etc/ipfw.rules"

What is the proper name for the ipfw ruleset file? Some on the Web say that it is "ipfw.rules". Others say it is "rc.firewall".

What is the proper location for the ruleset file? I see all of the following:

/etc/ipfw.rules
/usr/local/etc/ipfw.rules
/etc/rc.firewall
/usr/local/etc/psa/modules/firewall/rc.firewall

Are line numbers required? I see some examples that use line numbers and some do not.

Is there a program to easily "syntax check" a config/ruleset file?

How do I tell if ipfw is running? "ps aux | grep ipfw" doesn't show anything.

I would really appreciate very much some help with this. Many thanks if you can help.