Date:      Sat, 01 Nov 2003 10:55:32 -0600
From:      "Chris" <bsdnewbie@coolarrow.com>
To:        freebsd-questions@freebsd.org
Subject:   IPFW strange events
Message-ID:  <200311011055320938.07E914B9@tcslea.org>


Hello,

This is occurring on a 4.8-RELEASE server using IPFW2...


I have numerous rules that block bogus networks... one of which is:

ipfw add 0104 deny log ip from 96.0.0.0/3 to any


And I know it's working because using "ipfw list" I get:

00104 deny log ip from 96.0.0.0/3 to any


Whenever that rule is active, it's blocking packets - "ipfw show":

00104         21       1148 deny log ip from 96.0.0.0/3 to any

BUT....

Various services stop working... so I look at /var/log/security and see NUMEROUS entries such as this:

Nov  1 10:30:00 server /kernel: ipfw: 104 Deny TCP 127.0.0.1:1051 127.0.0.1:80 out via lo0

Now I don't see anything in the rule about the localhost address, yet that's what it's blocking. But a little bit ahead of that rule, I do have this one:

ipfw add 082 divert natd all from any to any via fxp0

Would it help to put all the bogus network deny rules ahead of the divert rule?

Stumped,
Chris
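An added example, not part of Chris's message or of any reply in the thread: a short Python script that checks the logged packet against the prefix in the deny rule. The point it makes is mask arithmetic. 96.0.0.0/3 keeps only the top three address bits (binary 011), so it spans 96.0.0.0 through 127.255.255.255 and therefore contains 127.0.0.1; the loopback match is the rule doing exactly what it says, not an interaction with the divert rule (which is bound to fxp0 and never sees lo0 traffic). The rule text, the log line and the two syntaxes the regexes accept are taken from the message above; the function names and the second, narrower rule used for contrast are my own.

```python
import ipaddress
import re

# Constructed sample input, copied from the message above: the deny rule as
# "ipfw show" prints it, and one of the /var/log/security entries.
RULE = "00104 deny log ip from 96.0.0.0/3 to any"
LOG_LINE = ("Nov  1 10:30:00 server /kernel: ipfw: 104 Deny TCP "
            "127.0.0.1:1051 127.0.0.1:80 out via lo0")

# Only the simple "NNN deny [log] proto from X to Y" shape used in the post.
RULE_RE = re.compile(
    r"^(?P<num>\d+)\s+(?P<action>deny|allow|pass)\s+(?:log\s+)?(?P<proto>\w+)"
    r"\s+from\s+(?P<src>\S+)\s+to\s+(?P<dst>\S+)")
# The IPFW2 kernel log format from the post; ports are optional so ICMP lines parse too.
LOG_RE = re.compile(
    r"ipfw: (?P<num>\d+) (?P<action>\w+) (?P<proto>\w+) "
    r"(?P<src>\d+\.\d+\.\d+\.\d+)(?::(?P<sport>\d+))? "
    r"(?P<dst>\d+\.\d+\.\d+\.\d+)(?::(?P<dport>\d+))? "
    r"(?P<dir>in|out) via (?P<iface>\S+)")


def to_network(spec: str) -> ipaddress.IPv4Network:
    """'any' is the whole address space; otherwise a dotted quad or CIDR."""
    return ipaddress.IPv4Network("0.0.0.0/0" if spec == "any" else spec, strict=False)


def prefix_range(cidr: str) -> tuple:
    """First and last address covered by a prefix, e.g. 96.0.0.0/3."""
    net = ipaddress.IPv4Network(cidr, strict=False)
    return str(net[0]), str(net[-1])


def parse_rule(rule: str) -> dict:
    m = RULE_RE.match(rule.strip())
    if not m:
        raise ValueError(f"unsupported rule syntax: {rule!r}")
    d = m.groupdict()
    d["num"] = int(d["num"])          # "00104" -> 104, as the log prints it
    d["src_net"] = to_network(d["src"])
    d["dst_net"] = to_network(d["dst"])
    return d


def parse_log(line: str) -> dict:
    m = LOG_RE.search(line)
    if not m:
        raise ValueError(f"not an ipfw log line: {line!r}")
    d = m.groupdict()
    d["num"] = int(d["num"])
    return d


def rule_matches(rule: str, packet: dict) -> bool:
    """True when the packet's addresses fall inside the rule's source and
    destination prefixes (protocol 'ip' matches every protocol)."""
    r = parse_rule(rule)
    proto_ok = r["proto"] == "ip" or r["proto"].lower() == packet["proto"].lower()
    src_ok = ipaddress.IPv4Address(packet["src"]) in r["src_net"]
    dst_ok = ipaddress.IPv4Address(packet["dst"]) in r["dst_net"]
    return proto_ok and src_ok and dst_ok


def explain(rule: str, line: str) -> str:
    """One-line verdict: what the source prefix really covers and whether
    the logged packet falls inside it."""
    pkt = parse_log(line)
    r = parse_rule(rule)
    lo, hi = prefix_range(str(r["src_net"]))
    verdict = "matches" if rule_matches(rule, pkt) else "does not match"
    return (f"rule {r['num']} source prefix {r['src_net']} covers {lo} .. {hi}; "
            f"packet {pkt['src']} -> {pkt['dst']} via {pkt['iface']} {verdict}")


if __name__ == "__main__":
    print(explain(RULE, LOG_LINE))
    # Contrast (my own rule, not from the post): 96.0.0.0/4 stops at 111.255.255.255
    # and so leaves loopback alone.
    print(explain("00105 deny log ip from 96.0.0.0/4 to any", LOG_LINE))
```

Running prefix_range on every source prefix in a bogon list before loading it is a cheap sanity check; any range whose upper bound reaches 127.255.255.255 will hit the loopback interface unless a pass rule for lo0 sits earlier in the ruleset, which is where the stock FreeBSD rc.firewall puts one. Reordering the deny rules relative to the natd divert rule does not change this, since a rule written "via fxp0" is never consulted for lo0 traffic.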




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200311011055320938.07E914B9>