From owner-freebsd-chat Tue Aug 29 13:15: 2 2000 Delivered-To: freebsd-chat@freebsd.org Received: from news.IAEhv.nl (news.IAE.nl [194.151.64.4]) by hub.freebsd.org (Postfix) with ESMTP id A706137B43E for ; Tue, 29 Aug 2000 13:14:56 -0700 (PDT) Received: (from uucp@localhost) by news.IAEhv.nl (8.9.1/8.9.1) with IAEhv.nl id WAA07032; Tue, 29 Aug 2000 22:14:53 +0200 (MET DST) Received: by adv.devet.org (Postfix, from userid 100) id 161923E0D; Tue, 29 Aug 2000 22:14:41 +0200 (CEST) To: oolberg@eenet.ee Subject: Re: IP Filter 3.4.9 and FreeBSD r. 4.0 X-Newsgroups: list.freebsd.chat In-Reply-To: Organization: Eindhoven, the Netherlands Cc: chat@freebsd.org Message-Id: <20000829201441.161923E0D@adv.devet.org> Date: Tue, 29 Aug 2000 22:14:41 +0200 (CEST) From: Arjan.deVet@adv.iae.nl (Arjan de Vet) Sender: owner-freebsd-chat@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org In article you write: >Hallo, That's Dutch for 'hello' b.t.w. ;-). >i am having problem with . The logging gives apparently random >numbers, like this: > >bash# ipmon >26/08/2000 19:31:21.921566 ed0 @0:0 L 254.1.50.235 -> 192.168.1.10 PR >ipencap len 0 (0) frag 0@672 >26/08/2000 19:31:22.931046 ed0 @0:0 L 255.1.52.207 -> 192.168.2.10 PR igmp >len 0 (49203) frag 49203@672 >26/08/2000 19:31:22.931082 vx0 @0:0 L 254.1.52.207 -> 192.168.2.10 PR igmp >len 0 (0) frag 0@672 >26/08/2000 19:31:22.931526 vx0 @0:0 L 255.1.50.234 -> 192.168.1.10 P > >espesially the L 254.1.50.235 column. Such things can happen when the userland utilities are not in-sync with the kernel. Did you update only one of those? >In fact, the filtering itselt seems to work, just the little filtering >thing. > >Can someone confirm, the mentioned versions of software work together >seamlessly. Well, probably you can .... >Or better to use last 3.x version of FreeBSD? I noticed, the 4.1 is >unsupported by IP Filter's make. IP filter is included with FreeBSD. FreeBSD 4.1 will give you ipfilter 3.4.8. Just add this to your kernel configuration file: # IPFILTER enables Darren Reed's ipfilter package. # IPFILTER_LOG enables ipfilter's logging. options IPFILTER #kernel ipfilter support options IPFILTER_LOG #ipfilter logging options IPFILTER_DEFAULT_BLOCK #block all packets by default Arjan -- Arjan de Vet, Eindhoven, The Netherlands URL: http://www.iae.nl/users/devet/ for PGP key: finger devet@iae.nl To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-chat" in the body of the message