Date: Wed, 18 Jul 2001 11:52:17 +0100
From: JF <OpsyDopsy@netcabo.pt>
To: questions@freebsd.org
Subject: IPF problem
Message-ID: <01071811521700.00325@OpsyDopsy.net.dhis.org>

Heys,

I've just finished setting up my IPF conf file (which I include at the end of
the mail) but something seems not to be working that fine... here's the log:

Jul 18 11:42:27 <local0.info> OpsyDopsy ipmon[92]: 11:42:24.578068 STATE:NEW 213.22.0.69,3769 -> ns2.netcabo.pt,domain PR udp
Jul 18 11:42:27 <local0.info> OpsyDopsy ipmon[92]: 11:42:24.586186 STATE:NEW 213.22.0.69,3770 -> ns2.netcabo.pt,domain PR udp
Jul 18 11:42:27 <local0.info> OpsyDopsy ipmon[92]: 11:42:24.594343 STATE:NEW 213.22.0.69,3771 -> ns2.netcabo.pt,domain PR udp
Jul 18 11:42:27 <local0.info> OpsyDopsy ipmon[92]: 11:42:24.602029 STATE:NEW 213.22.0.69,3772 -> ns2.netcabo.pt,domain PR udp

and it keeps at it like, pages and pages of this sort of error.

The network is working, but this does seem something worth taking a look at...
any suggestions and/or help would be most appreciated.

Thanks in advance.

JF

IPF Conf File:

#Pass in on loopback device
pass in quick on lo0

#Block unroutable packages
block in quick on xl0 from 192.168.0.0/16 to any
block in quick on xl0 from 172.16.0.0/12 to any
block in quick on xl0 from 10.0.0.0/8 to any
block out quick on xl0 from 192.168.0.0/16 to any
block out quick on xl0 from 172.16.0.0/12 to any
block out quick on xl0 from 10.0.0.0/8 to any

#Block from possible spoofs
block in quick on xl0 from 127.0.0.0/8 to any
block in quick on xl0 from 0.0.0.0/8 to any
block out quick on xl0 from 127.0.0.0/8 to any
block out quick on xl0 from 0.0.0.0/8 to any

#Services: smtp, web, portmap, syslogd, lpd, X
block in log first quick on xl0 proto tcp from any to any port = 25
block in log first quick on xl0 proto tcp from any to any port = 80
block in log first quick on xl0 proto tcp/udp from any to any port = 111
block in log first quick on xl0 proto udp from any to any port = 514
block in log first quick on xl0 proto tcp from any to any port = 515
block in log first quick on xl0 proto tcp from any to any port = 6000
block in log first quick on xl0 proto tcp from any to any port = 4000
block in log first quick on xl0 proto tcp from any to any port = submission
block in log first quick on xl0 proto udp from any to any port = bootpc

#Pass all out
pass out quick on xl0 proto tcp from any to any keep state
pass out quick on xl0 proto udp from any to any keep state
pass out quick on xl0 proto icmp from any to any keep state

#Pass in for some ICMP types
pass in quick on xl0 proto icmp from any to any icmp-type echo keep state
pass in quick on xl0 proto icmp from any to any icmp-type echorep keep state
pass in quick on xl0 proto icmp from any to any icmp-type unreach keep state
pass in quick on xl0 proto icmp from any to any icmp-type squench keep state
pass in quick on xl0 proto icmp from any to any icmp-type timex keep state

#Pass in for ftpd, sshd and dhis
pass in quick on xl0 proto tcp from any to any port = ftp flags S keep state keep frags
pass in quick on xl0 proto tcp from any to any port = ftp-data flags S keep state keep frags
pass in quick on xl0 proto tcp from any to any port = ssh flags S keep state keep frags
pass in quick on xl0 proto udp from any to any port = 58800 keep state keep frags

#Block the rest
block in log first quick proto tcp from any to any
block in log first quick proto udp from any to any
block in log first quick proto icmp from any to any

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?01071811521700.00325>
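
An added example, not part of the original message: a small Python parser for ipmon state records like the ones quoted in the log, tallying them per event and destination so it is clear which flows produce the entries. It assumes the `STATE:<event> src,port -> dst,port PR proto` layout shown in the post; the function names are illustrative.

```python
import re
from collections import Counter

# The four records quoted in the message, with the source address re-joined
# where the mail wrapped the line.
SAMPLE_LOG = """\
Jul 18 11:42:27 <local0.info> OpsyDopsy ipmon[92]: 11:42:24.578068 STATE:NEW 213.22.0.69,3769 -> ns2.netcabo.pt,domain PR udp
Jul 18 11:42:27 <local0.info> OpsyDopsy ipmon[92]: 11:42:24.586186 STATE:NEW 213.22.0.69,3770 -> ns2.netcabo.pt,domain PR udp
Jul 18 11:42:27 <local0.info> OpsyDopsy ipmon[92]: 11:42:24.594343 STATE:NEW 213.22.0.69,3771 -> ns2.netcabo.pt,domain PR udp
Jul 18 11:42:27 <local0.info> OpsyDopsy ipmon[92]: 11:42:24.602029 STATE:NEW 213.22.0.69,3772 -> ns2.netcabo.pt,domain PR udp
"""

# Ports are optional so that state records without ports (ICMP) also parse.
STATE_RE = re.compile(
    r"ipmon\[\d+\]:\s+(?P<time>\d\d:\d\d:\d\d\.\d+)\s+"
    r"STATE:(?P<event>[A-Z]+)\s+"
    r"(?P<src>[^,\s]+)(?:,(?P<sport>\S+))?\s+->\s+"
    r"(?P<dst>[^,\s]+)(?:,(?P<dport>\S+))?\s+"
    r"PR\s+(?P<proto>\S+)"
)


def parse_state_lines(text):
    """Return one dict per ipmon state record; any other line is skipped."""
    records = []
    for line in text.splitlines():
        match = STATE_RE.search(line)
        if match:
            records.append(match.groupdict())
    return records


def summarize(records):
    """Count state records per (event, destination, dest port, protocol)."""
    return Counter(
        (r["event"], r["dst"], r["dport"], r["proto"]) for r in records
    )


if __name__ == "__main__":
    summary = summarize(parse_state_lines(SAMPLE_LOG))
    for (event, dst, dport, proto), count in summary.most_common():
        print(f"{count:6d}  STATE:{event}  {proto}  -> {dst},{dport}")
```

On the quoted lines this reports four `STATE:NEW` records, all UDP to `ns2.netcabo.pt` port `domain`, each from a different source port on 213.22.0.69.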