Date: Fri, 16 Apr 2004 10:51:05 +0200
From: "RazorOnFreeBSD" <yann.luppo@attglobal.net>
To: <freebsd-questions@freebsd.org>
Subject: firewall rules error
Message-ID: <005401c4238f$f4d9dab0$0f01a8c0@razor>

Hi everyone,

I'm trying to write my own rules for ipfw under 4.9 STABLE.
But every time I try to use the file with my rules .... my network is totally blocked and the "ipfw show" command returns:

65535 38 2311 deny ip from any to any

I think there's a problem in my rules file and the system replaces my rules by this one, but I can't figure out what is the problem, my rules file is really short compared to what I saw sometimes on the Internet:

----------------------------------------------------------------------------------------------------------------------
fwcmd="/sbin/ipfw"
oif="dc0"
iif="dc1"

${fwcmd} -f flush
${fwcmd} add check-state
${fwcmd} add deny ip from any to any in via $oif verrevpath
add 050 divert natd all from any to any via $oif
add 100 pass all from any to any via lo0
add 200 deny all from any to 127.0.0.0/8
add 300 deny ip from 127.0.0.0/8 to any
${fwcmd} add allow ip from me to any via $oif keep-state
${fwcmd} add allow icmp from any to any via $oif icmptypes 0,3,11,12
${fwcmd} add allow tcp from any to me dst-port 22 in via $iif setup keep-state
${fwcmd} add deny log ip from any to any
----------------------------------------------------------------------------------------------------------------------

Can anybody tell me what's wrong?

Thanks.

razor.