Date: Wed, 27 Sep 2000 13:46:37 +0300 From: Adrian Pavlykevych <pam@polynet.lviv.ua> To: ipfw@freebsd.org Subject: "fwd" rule of IPFW freezes all IP traffic Message-ID: <20000927134637.A24652@polynet.lviv.ua>
next in thread | raw e-mail | index | archive | help
Hi everybody! This is followup to my previous post about problems with "fwd" rule on FreeBSD 4-Stable. I'm trying to upgrade my _existing_ firewall, which uses IPFW and FWTK proxies in transparent mode. I can confirm that following ruleset is working of FreeBSD 3.1 and doesn't work on RELENG_4 as of Sep 21. add 300 allow tcp from 192.168.0.14/32 to 192.168.0.0/16 via de0 add allow tcp from 192.168.0.0/16 to 192.168.0.14/32 via de0 add fwd 127.0.0.1,23 tcp from 0.0.0.0/0 to 0.0.0.0/0 23 via de0 add fwd 127.0.0.1,2221 tcp from 0.0.0.0/0 to 0.0.0.0/0 22 via de0 add fwd 127.0.0.1,21 tcp from 0.0.0.0/0 to 0.0.0.0/0 21 via de0 add fwd 127.0.0.1,110 tcp from 0.0.0.0/0 to 0.0.0.0/0 110 via de0 add fwd 127.0.0.1,6667 tcp from 0.0.0.0/0 to 0.0.0.0/0 6667 via de0 add fwd 127.0.0.1,6791 tcp from 0.0.0.0/0 to 0.0.0.0/0 6791 via de0 add fwd 127.0.0.1,2401 tcp from 0.0.0.0/0 to 0.0.0.0/0 2401 via de0 add fwd 127.0.0.1,5999 tcp from 0.0.0.0/0 to 0.0.0.0/0 5999 via de0 add 65534 allow ip from any to any Hitting "fwd" rule immediately stops _all_ IP traffic on the machine - even ping 127.0.0.1 doesn't work. BTW, Previous responces I've got were misdirected due to my typo in the posted rule. I'd appreciate any suggestions/fixes, -- Adrian Pavlykevych email: <pam@polynet.lviv.ua> System Administrator phone/fax: +380 (322) 742041 State University "Lvivska Polytechnica" To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ipfw" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20000927134637.A24652>