From owner-freebsd-questions Thu May 9 17:24:47 2002
Date: Thu, 9 May 2002 17:24:38 -0700
From: Brent Kearney
To: Joe & Fhe Barbish
Cc: questions@freebsd.org
Subject: Re: can't connect to localhost
Message-ID: <20020509172438.A25839@sfu.ca>
References: <20020509152242.A26685@sfu.ca>

On Thu, May 09, 2002 at 08:11:13PM -0400, Joe & Fhe Barbish wrote:
> You show this.
> 00100 allow ip from any to any via lo0
> 00100 allow ip from 127.0.0.1 to any
> 00100 allow ip from 123.45.67.89 to 127.0.0.1
> 00100 allow ip from 123.45.67.89 to 123.45.67.89
>
> What is happening here is the second 100 rule replaces the first, then the
> third 100 rule replaces the second, so after all rules numbered 100 get read
> by ipfw at load rules time only rule 100 allow ip from 123.45.67.89 to
> 123.45.67.89 is really there.
>
> Renumber the 100 number rules like so
> 00101 allow ip from any to any via lo0
> 00102 allow ip from 127.0.0.1 to any
> 00103 allow ip from 123.45.67.89 to 127.0.0.1
> 00104 allow ip from 123.45.67.89 to 123.45.67.89
>

I renumbered them. Now no two rules have the same number.
I get exactly the same effect though.

Brent

> -----Original Message-----
> From: owner-freebsd-questions@FreeBSD.ORG
> [mailto:owner-freebsd-questions@FreeBSD.ORG]On Behalf Of Brent Kearney
> Sent: Thursday, May 09, 2002 6:23 PM
> To: questions@freebsd.org
> Subject: can't connect to localhost
>
>
> Greetings,
>
> Any connections to localhost appear not to work:
>
> {foo}(~)$ telnet localhost 25
> Trying 127.0.0.1...
> telnet: connect to address 127.0.0.1: Can't assign requested address
> telnet: Unable to connect to remote host
>
> My /etc/hosts file looks fine; this is the only mention of 127.0.0.1
> in the file:
>
> 127.0.0.1 localhost localhost.foo.ca foo2.foo.ca
>
> (Real names and IP addresses have been obscured).
>
> I use ipfw with default to deny. My rules:
>
> 00100 allow ip from any to any via lo0
> 00100 allow ip from 127.0.0.1 to any
> 00100 allow ip from 123.45.67.89 to 127.0.0.1
> 00100 allow ip from 123.45.67.89 to 123.45.67.89
> 00200 deny ip from any to 127.0.0.0/8 via fxp0
> 00300 deny ip from 127.0.0.0/8 to any via fxp0
> 00400 allow ip from 123.45.67.89 to 123.45.67.0/24
> 00500 allow tcp from any to any established
> 00600 allow ip from any to any frag
> ...
>
> The others are service-specific; I think the 0100 rules should allow
> a local connection though, shouldn't they?
>
> Any clues appreciated. Please CC: me your reply, as I'm
> not a list subscriber.
>
> Thanks,
>
> Brent
>
>
>
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-questions" in the body of the message
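
An added example, not part of the original thread or of ipfw itself: a simplified Python model of first-match evaluation run over the ruleset quoted above, in both the original and the renumbered form. It assumes ipfw's documented behaviour of checking rules in number order, with rules that share a number checked in the order they were added; the tuple layout, the function names and the sample packets are constructed for illustration.

```python
import ipaddress

# Constructed from the rules quoted in the thread; 123.45.67.89 is the
# poster's obscured address. Fields: (number, action, src, dst, via).
# Rules 500+ (tcp established, frag, service rules) are not modelled.
ORIGINAL = [
    (100, "allow", "any", "any", "lo0"),
    (100, "allow", "127.0.0.1", "any", None),
    (100, "allow", "123.45.67.89", "127.0.0.1", None),
    (100, "allow", "123.45.67.89", "123.45.67.89", None),
    (200, "deny", "any", "127.0.0.0/8", "fxp0"),
    (300, "deny", "127.0.0.0/8", "any", "fxp0"),
    (400, "allow", "123.45.67.89", "123.45.67.0/24", None),
]
# The renumbering proposed in the reply: 100,100,100,100 -> 101..104.
RENUMBERED = [(101 + i, *r[1:]) for i, r in enumerate(ORIGINAL[:4])] + ORIGINAL[4:]

DEFAULT = (65535, "deny")  # the poster runs ipfw with default deny


def addr_matches(spec, addr):
    """True if addr falls inside spec ('any', a host, or a CIDR block)."""
    return spec == "any" or ipaddress.ip_address(addr) in ipaddress.ip_network(spec)


def evaluate(rules, src, dst, iface):
    """Return (rule number, action) of the first rule matching the packet."""
    # sorted() is stable: rules sharing a number keep the order they were added.
    for num, action, rsrc, rdst, via in sorted(rules, key=lambda r: r[0]):
        if via is not None and via != iface:
            continue  # rule is bound to a different interface
        if addr_matches(rsrc, src) and addr_matches(rdst, dst):
            return num, action
    return DEFAULT


if __name__ == "__main__":
    packets = [  # constructed sample packets: (src, dst, interface)
        ("127.0.0.1", "127.0.0.1", "lo0"),      # the failing telnet localhost 25
        ("10.0.0.5", "127.0.0.1", "fxp0"),      # outside host aiming at loopback
        ("127.0.0.1", "123.45.67.89", "fxp0"),  # loopback source seen on fxp0
    ]
    for pkt in packets:
        print(pkt, evaluate(ORIGINAL, *pkt), evaluate(RENUMBERED, *pkt))
```

In this model the loopback packet is allowed under both numberings, so the verdict does not change with the renumbering. The third packet is matched by the interface-less "allow ip from 127.0.0.1 to any" rule before deny rule 300 is reached, which is worth checking when auditing the rule order.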