Date: Fri, 5 Apr 2002 16:44:08 +0300 (EEST) From: Baris Simsek <simsek@bimel.com.tr> To: ozkan_kirik <ozkan_kirik@yahoo.com> Cc: <freebsd-security@freebsd.org> Subject: Re: Ping problem! Message-ID: <20020405164130.G2867-100000@hitit.bimel.com.tr> In-Reply-To: <a8jkld%2Bpdum@eGroups.com>
next in thread | previous in thread | raw e-mail | index | archive | help
default kernel option is rejecting every packet. you have to add
rule to accept which packets you want. Add this rule to test it:
ipfw add 10000 allow all from any to any
>-------------------------------------------------------------------<
Baris Simsek - UNIX Sys. Adm. - Bimel Elektronik - (+90312) 4342245
http://acikkod.org/
On Fri, 5 Apr 2002, ozkan_kirik wrote:
> after i built my kernel, i couldnt ping to anywhere even router, & i
> couldnt ping to my firewall.
>
> what the problem can be?
>
> the options on kernel are:
>
> IPFIREWALL
> IPDIVERT
> IPFIREWALL_FORWARD
> IPFIREWALL_VERBOSE
> IPFIREWALL_VERBOSE_LIMIT=100
> IPFIREWALL_DEFAULT_TO_ACCEPT
> IPFILTER
> IPFILTER_LOG
> TCPDEBUG
> TCP_DROP_SYNFIN
> DUMMYNET
> IPSTEALTH
> BRIDGE
>
>
> my rc.conf:
>
> ...
> ...
> ...
> inetd_enable="YES"
> ipv6_enable="YES"
> kern_securelevel="2"
> kern_securelevel_enable="YES"
> ipfilter_enable="YES"
> ipfilter_program="/sbin/ipf -FA -f"
> ipfilter_rules="/etc/ipf.rules"
> ipfilter_flags="-E"
> ipmon_enable="YES"
> ipmon_program="/sbin/ipmon"
> ipmonflags="-Ds"
> ipfirewall_enable="YES"
>
>
>
> what can i do?
> by now thx 4 yr help. :)
>
>
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-security" in the body of the message
>
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020405164130.G2867-100000>