Skip site navigation (1)Skip section navigation (2)
Date:      Wed, 24 Jan 2007 15:37:50 -0500
From:      Jeff Royle <lists@qwirky.net>
To:        questions@freebsd.org
Subject:   Re: Problem with "ipfw flush"
Message-ID:  <45B7C39E.5080605@qwirky.net>
In-Reply-To: <20070124152310.E82156@prime.gushi.org>
References:  <20070124152310.E82156@prime.gushi.org>

next in thread | previous in thread | raw e-mail | index | archive | help
Dan Mahoney, System Admin wrote:
> Hey all.
> 
> In trying to tweak my firewall setup I'm using a file called 
> /etc/ipfw.rules
> 
> However, it seems even though I copy my rules perfectly to that file, 
> the system freezes up and locks me out when I do:
> 
> ipfw -f flush; ipfw /etc/ipfw.rules
> 
> I've also tried doing it as
> 
> ipfw -f flush && ipfw /etc/ipfw.rules
> 
> But to no avail.
> 
> if it matters, ipfw is loaded as a kernel module, not compiled in.
> 
> -Dan
> 
> -- 

I haven't used IPFW in a while but if I recall right IPFW has a default 
policy of drop.   So when you flush the ruleset your pass rules are all 
gone.

You could run the command like: ipfw -f flush && ipfw /etc/ipfw.rules

That should allow you flush and load your ruleset.   You may also want 
to look into changing the default policy to accept.   However this may 
require you to adjust your rules depending on how you wrote them.

Cheers,

Jeff



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?45B7C39E.5080605>