Date: Tue, 10 Jul 2001 18:31:09 -0700 (PDT) From: Erik Ebert <eebert@yahoo.com> To: Francisco Reyes <lists@natserv.com> Cc: FreeBSD Security List <freebsd-security@FreeBSD.ORG> Subject: Re: Cant ping/nslookup Message-ID: <20010711013109.14413.qmail@web14608.mail.yahoo.com> In-Reply-To: <20010710201436.B22560-100000@zoraida.natserv.net>
next in thread | previous in thread | raw e-mail | index | archive | help
--- Francisco Reyes <lists@natserv.com> wrote: > On Tue, 10 Jul 2001, Dru wrote: > > > Hi Francisco, > > > > I don't see any rules to allow UDP. > > I have some rules. I thought I would only include > the "deny" clauses to > show that they all had the "log" option yet nothing > was coming up on > /var/log/security. > . . . > 65535 0 0 deny ip from any to any The default rule, 65535, which gets added automatically by the kernel or something, does not have the log option on. That is almost certainly the rule that is getting hit. What I do is add a rule like: 65534 deny log ip from any to any to catch anything before the default rule kicks in. -- Erik __________________________________________________ Do You Yahoo!? Get personalized email addresses from Yahoo! Mail http://personal.mail.yahoo.com/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010711013109.14413.qmail>