From: Jean Hernandez
To: freebsd-questions@freebsd.org
Date: Fri, 9 Jan 2004 03:31:30 -0800 (PST)
Subject: ipfw dont view some rules
Message-ID: <20040109113130.66739.qmail@web13124.mail.yahoo.com>

I have a server with ipfw enabled; the config in rc.conf is this:

jean# cat /etc/rc.conf
# -- sysinstall generated deltas -- # Mon Oct 13 22:25:43 2003
# Created: Mon Oct 13 22:25:43 2003
# Enable network daemons for user convenience.
# Please make all changes to this file, not to /etc/defaults/rc.conf.
# This file now contains just the overrides from /etc/defaults/rc.conf.
usbd_enable="YES"
# -- sysinstall generated deltas -- # Mon Oct 13 22:39:12 2003
ifconfig_xl0="DHCP"
hostname="jean.elementos.org"
sendmail_enable="NO"
log_in_vain="YES"
accounting_enable="YES"
sshd_enable="YES"
firewall_enable="YES"
firewall_type="/etc/firewall.rules"
firewall_script= "/etc/rc.firewall"

I want 4 outside IPs to be able to open some ports, like IRC, HTTP, FTP and SSH. I made a rule set in a config file called firewall.rules in the /etc folder.
When I run ipfw show, I see just 4 rules: the first 3 and the last one. I don't know what is wrong. That's my ruleset. I want IRC to be completely open, the other services not.

add allow all from any to any
add check-state
add allow tcp from me to any keep-state establish
add deny tcp from any to any
add allow tcp from 168.32.171.1/24 to me 21 - 22
add allow tcp from 196.112.160.1/24 to me 21 - 22
add allow tcp from 200.160.215.1/24 to me 21 - 22
add allow tcp from any to any 80
add allow tcp from any to any 6660 - 7000
add allow all from 124.128.57.162 to me
add allow all from me to 24.128.57.162
add allow udp from 168.32.171.1/24 to me 21 - 22
add allow udp from 196.112.160.1/24 to me 21 - 22
add allow udp from 200.160.215.1/24 to me 21 - 22
add deny icmp from any to me
add allow icmp from me to any icmptype 3,4,11
add allow icmp from 168.32.171.1/24 to me icmptype 3,4,11
add allow icmp from 196.112.160.1/24 to me icmptype 3,4,11
add allow icmp from 200.160.215.1/24 to me icmptype 3,4,11
add pass all from any to any

Regards guys,
Jean Hernandez
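
Added example, not part of the original message: a small Python pre-check for a rules file in the format posted above. It relies on two facts from ipfw(8): a port range is a single token such as 21-22, and the search stops at the first matching allow or deny rule. The function names, the finding labels and the set of actions treated as terminal are choices made for this example.

```python
# Added example; sample lines are copied from the ruleset posted above.
SAMPLE = """\
add allow all from any to any
add check-state
add allow tcp from me to any keep-state establish
add deny tcp from any to any
add allow tcp from 168.32.171.1/24 to me 21 - 22
add allow tcp from any to any 80
"""

# Actions this example treats as ending the rule search (assumption: not exhaustive).
TERMINAL = {"allow", "accept", "pass", "permit", "deny", "drop"}

def parse(line):
    """Return (action, proto, broad, tokens), or None for a blank/comment line."""
    tok = line.split("#")[0].split()
    if tok and tok[0] == "add":
        tok = tok[1:]
    if tok and tok[0].isdigit():          # optional explicit rule number
        tok = tok[1:]
    if not tok:
        return None
    if len(tok) < 6 or tok[2] != "from" or "to" not in tok:
        return (tok[0], None, False, tok)  # e.g. check-state: no address part
    to = tok.index("to")
    # "broad" = from any to any with no ports or options after the addresses
    broad = tok[3:to] == ["any"] and tok[to + 1:] == ["any"]
    return (tok[0], tok[1], broad, tok)

def lint(text):
    """Return [(line_no, finding)] for split port ranges and unreachable rules."""
    findings, cover = [], {}              # cover: protocol -> line of broad rule
    for n, line in enumerate(text.splitlines(), 1):
        rule = parse(line)
        if rule is None:
            continue
        action, proto, broad, tok = rule
        if "-" in tok:                    # "21 - 22" is three tokens, not a range
            findings.append((n, "split-range"))
        hit = cover.get("all") or cover.get(proto)
        if hit:                           # an earlier rule already ends the search
            findings.append((n, "shadowed-by-%d" % hit))
        if broad and action in TERMINAL:
            cover.setdefault("all" if proto in ("all", "ip") else proto, n)
    return findings

if __name__ == "__main__":
    for n, finding in lint(SAMPLE):
        print("line %d: %s" % (n, finding))
```

The line numbers in the findings are positions in the rules file, not ipfw rule numbers.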