From owner-freebsd-questions@FreeBSD.ORG Tue Mar 2 02:23:19 2004 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 314BA16A4CF for ; Tue, 2 Mar 2004 02:23:19 -0800 (PST) Received: from pd4mo1so.prod.shaw.ca (shawidc-mo1.cg.shawcable.net [24.71.223.10]) by mx1.FreeBSD.org (Postfix) with ESMTP id 0CAA243D1F for ; Tue, 2 Mar 2004 02:23:19 -0800 (PST) (envelope-from rmvg@shaw.ca) Received: from pd4mr3so.prod.shaw.ca (pd4mr3so-qfe3.prod.shaw.ca [10.0.141.214]) by l-daemon (iPlanet Messaging Server 5.2 HotFix 1.18 (built Jul 28 2003)) with ESMTP id <0HTY00HDB26UEM@l-daemon> for freebsd-questions@FreeBSD.org; Tue, 02 Mar 2004 03:23:18 -0700 (MST) Received: from pn2ml3so.prod.shaw.ca (pn2ml3so-qfe0.prod.shaw.ca [10.0.121.147]) by l-daemon (iPlanet Messaging Server 5.2 HotFix 1.18 (built Jul 28 2003)) with ESMTP id <0HTY006BU26U41@l-daemon> for freebsd-questions@FreeBSD.org; Tue, 02 Mar 2004 03:23:18 -0700 (MST) Received: from shaw.ca (h68-146-233-172.cg.shawcable.net [68.146.233.172]) by l-daemon (iPlanet Messaging Server 5.2 HotFix 1.18 (built Jul 28 2003)) with ESMTP id <0HTY00E0P26T3U@l-daemon> for freebsd-questions@FreeBSD.org; Tue, 02 Mar 2004 03:23:18 -0700 (MST) Date: Tue, 02 Mar 2004 03:23:24 -0700 From: RYAN vAN GINNEKEN In-reply-to: <20040302100715.GA51545@xor.obsecurity.org> To: Kris Kennaway , freebsd-questions@FreeBSD.org Message-id: <4044609C.7030308@shaw.ca> MIME-version: 1.0 Content-type: text/plain; charset=ISO-8859-1; format=flowed Content-transfer-encoding: 7BIT X-Accept-Language: en-us, en User-Agent: Mozilla/5.0 (Windows; U; Win98; en-US; rv:1.4) Gecko/20030624 Netscape/7.1 (ax) References: <40445BF9.7090108@shaw.ca> <20040302100715.GA51545@xor.obsecurity.org> Subject: Re: firewall problem?? X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 02 Mar 2004 10:23:19 -0000 Thank you for your reply Here is my kernel config file well just the options i added do you need more of it? which samples are you refering to and how come i never had problems like this before?? options IPFIREWALL options IPFIREWALL_VERBOSE options IPFIREWALL_VERBOSE_LIMIT=100 options IPDIVERT #options TCP_DROP_SYNFIN Kris Kennaway wrote: >On Tue, Mar 02, 2004 at 03:03:37AM -0700, RYAN vAN GINNEKEN wrote: > > > >>Contents of my rc.conf file are included below. This machine is >>eventually going to be a server (sendmail bind apache samba ) for a >>differnt network so lots of stuff is commented out. I am new at running >>more than on BSD box on the same network and not sure if i need natd or >>firewall enabled. >> >> > >You didn't include your kernel config file, but the default firewall >behaviour is to deny all traffic. There's a kernel config option to >change this - see the sample config files. > >Kris > >