Date: Sat, 29 Jan 2005 23:42:48 +0100 From: Aleksander Rozman - Andy <andy@triera.net> To: albi <albi@scii.nl> Cc: freebsd-hackers@freebsd.org Subject: Re: Network problem after upgrade from 5.1 to 5.3 Message-ID: <6.0.0.22.2.20050129233629.02f52990@pop3.triera.net> In-Reply-To: <41FC0BF9.9040007@scii.nl> References: <6.0.0.22.2.20050129231029.02f50bc0@pop3.triera.net> <41FC0BF9.9040007@scii.nl>
next in thread | previous in thread | raw e-mail | index | archive | help
At 29.1.2005, you wrote: >Aleksander Rozman - Andy wrote: > >>Even after recompiled I couldn't use network. My FreeBSD is used as >>server and also router for my internal network (using NAT). >> >>firewall_type="/etc/firewall.conf" # Firewall type (see >>/etc/rc.firewall) > >------- cut ------- > >>firewall.conf (this is open firewall with added ports for redirection) >>========= >>add 00050 set 0 divert 8668 ip from any to any >>add 00100 set 0 allow ip from any to any >>add 00200 set 0 deny ip from any to 127.0.0.0/8 >>add 00300 set 0 deny ip from 127.0.0.0/8 to any >>add 10000 set 0 allow udp from any 4672 to 192.168.44.2 dst-port 4672 >>add 10001 set 0 allow tcp from any 4662 to 192.168.44.2 dst-port 4662 >>add 10002 set 0 allow tcp from any 4711 to 192.168.44.2 dst-port 4711 >>add 65000 set 0 allow ip from any to any > >shouldn't firewall_type= >not say something like : >firewall_type=client >or >firewall_type=open >as described in /etc/rc.firewall !? In older version of FreeBSD (5.1) you had open, simple, unknown, client but if you wanted custom setting from file, you specified file with commands. I tried several other options, including Open (which my file is copied from, plus some added stuff), and whenever I start firewall, all network stops (is blocked). By definition open should allow everything, but in 5.3 it doesn't. Andy >(assuming that your pasted firewall.conf content is >from /etc/firewall.conf) > >_______________________________________________ >freebsd-hackers@freebsd.org mailing list >http://lists.freebsd.org/mailman/listinfo/freebsd-hackers >To unsubscribe, send any mail to "freebsd-hackers-unsubscribe@freebsd.org" ************************************************************************** * Aleksander Rozman - Andy * Fandoms: E2:EA, SAABer, Trekkie, Earthie * * andy@kksonline.com * Sentinel, BH 90210, True's Trooper, * * andy@atechnet.dhs.org * Heller's Angel, Questie, Legacy, PO5, * * Maribor, Slovenia (Europe) * Profiler, Buffy (Slayerete), Pretender * * ICQ-UIC: 4911125 ********************************************* * PGP key available * http://www.atechnet.dhs.org/~andy/ * **************************************************************************
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?6.0.0.22.2.20050129233629.02f52990>