From owner-freebsd-questions@FreeBSD.ORG Fri Jan 27 00:29:44 2006 Return-Path: X-Original-To: freebsd-questions@freebsd.org Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 821EB16A420 for ; Fri, 27 Jan 2006 00:29:44 +0000 (GMT) (envelope-from ipfreak@yahoo.com) Received: from web52103.mail.yahoo.com (web52103.mail.yahoo.com [206.190.48.106]) by mx1.FreeBSD.org (Postfix) with SMTP id DA67843D5A for ; Fri, 27 Jan 2006 00:29:43 +0000 (GMT) (envelope-from ipfreak@yahoo.com) Received: (qmail 78048 invoked by uid 60001); 27 Jan 2006 00:29:43 -0000 DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=s1024; d=yahoo.com; h=Message-ID:Received:Date:From:Subject:To:In-Reply-To:MIME-Version:Content-Type:Content-Transfer-Encoding; b=Ho75VgdjJhnUf2hfCDHVrTIpthQvo8AYSjTACuf7fwhuH27hMrkV1ov+wkT9HIUoGSWY2HKkJsP4yaQX/+5Pq4Xb1XfJhlTUGaSN2BN7tK2gUYh6ybJ7rhwyRrMg6y15H2/piaL545U9iAC0FI3Pvn338OsFuaq2FwZffWfxV64= ; Message-ID: <20060127002943.78046.qmail@web52103.mail.yahoo.com> Received: from [200.38.156.194] by web52103.mail.yahoo.com via HTTP; Thu, 26 Jan 2006 16:29:43 PST Date: Thu, 26 Jan 2006 16:29:43 -0800 (PST) From: gahn To: Oxygenshell , Arne Woerner , freebsd security , freebsd general questions In-Reply-To: <01ee01c622d7$b8e77f50$6501a8c0@bob> MIME-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Transfer-Encoding: 8bit Cc: Subject: Re: strange problem with ipfw and rc.conf X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 27 Jan 2006 00:29:44 -0000 Thanks for the comments. My real problem is thta the rc.conf just won load the rulesets when the system reboots. I have to do this every time the system reboots: "sh /etc/ipfw.rules" --- Oxygenshell wrote: > ipfw rules automatically default to deny > You have to explicitly tell it to allow by default. > (kernel setting) > > > ----- Original Message ----- > From: "Arne Woerner" > To: "gahn" ; "freebsd security" > ; "freebsd general > questions" > > Sent: Thursday, January 26, 2006 7:03 PM > Subject: Re: strange problem with ipfw and rc.conf > > > > --- gahn wrote: > >> 65335 locking out everything). I have to do "sh > >> /etc/ipfw.rules" in order to load the rulesets, > once I > >> did that, I can access the box from remote > locations > >> > > Hmm... > > > > It helped me, to look at /etc/rc.firewall... There > are some > > comments, that might give u the right hints... > > > > Maybe firewall_enable should be YES? > > > > E. g. my /etc/rc.firewall.bartely file cannot be > executed with > > sh... But maybe I still did not understand ipfw... > > > > My /etc/rc.firewall.bartely contains rules like: > > add pass log all from any to 47.11.42.42 > > add deny log all from any to any > > > > And in rc.conf my > firewall_type=/etc/rc.firewall.bartleby > > > > And I use default firewall_script=/etc/rc.firewall > > > > -Arne > > > > > > __________________________________________________ > > Do You Yahoo!? > > Tired of spam? Yahoo! Mail has the best spam > protection around > > http://mail.yahoo.com > > _______________________________________________ > > freebsd-security@freebsd.org mailing list > > > http://lists.freebsd.org/mailman/listinfo/freebsd-security > > To unsubscribe, send any mail to > > "freebsd-security-unsubscribe@freebsd.org" > > > > > > > __________________________________________________ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com