From owner-freebsd-hackers Wed Jul 10 6: 0:36 2002 Delivered-To: freebsd-hackers@freebsd.org Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id E977237B400 for ; Wed, 10 Jul 2002 06:00:32 -0700 (PDT) Received: from icomag.de (ns.icomag.de [195.227.115.162]) by mx1.FreeBSD.org (Postfix) with ESMTP id ABB8943E3B for ; Wed, 10 Jul 2002 06:00:31 -0700 (PDT) (envelope-from bgd@icomag.de) Received: from localhost (bgd@localhost) by icomag.de (8.11.3/8.11.3) with ESMTP id g6ACtjP89666 for ; Wed, 10 Jul 2002 14:55:46 +0200 (CEST) (envelope-from bgd@icomag.de) Date: Wed, 10 Jul 2002 14:55:45 +0200 (CEST) From: Bogdan TARU X-X-Sender: To: Subject: ipfilter Message-ID: <20020710145242.S89586-100000@fw.cgn.icom> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-hackers@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG Hi, I have the following problem on a FreeBSD 4.6 machine: compiled the kernel with the following options: options IPFIREWALL #firewall options IPFIREWALL_VERBOSE #enable logging to syslogd(8) options IPFIREWALL_FORWARD #enable transparent proxy support options IPFIREWALL_VERBOSE_LIMIT=100 #limit verbosity options IPFIREWALL_DEFAULT_TO_ACCEPT #allow everything by default options IPDIVERT #divert sockets options IPFILTER #ipfilter support options IPFILTER_LOG #ipfilter logging rebooted that kernel, and tried: (14:57) root@(bgd)[~] ipf -E IP Filter: already initialized (14:58) root@(bgd)[~] ipf block in all from any to any (14:58) root@(bgd)[~] ipfstat -i empty list for ipfilter(in) (14:58) root@(bgd)[~] ipfstat -o empty list for ipfilter(out) Why are the rules still empty? Of course, I am able to ping/whatever all the machines from the exterior, and the same with my machine. What am I doing wrong? Some more infos: (14:58) root@(bgd)[~] uname -a FreeBSD bgd.icomag.de 4.6-RELEASE FreeBSD 4.6-RELEASE #3: Wed Jul 10 14:42:21 CEST 2002 root@bgd.icomag.de:/usr/src/sys/compile/bgd i386 (14:59) root@(bgd)[~] ipf -V ipf: IP Filter: v3.4.27 (336) Kernel: IP Filter: v3.4.27 Running: yes Log Flags: 0 = none set Default: pass all, Logging: available Active list: 0 Thank you, bogdan ---------------------------- iCom Media AG Kirchweg 36 Koln, 50858 Germany Phone: +49-(0)221-485-689-16 Fax : +49-(0)221-485-689-20 Mobile:+49-(0)173-906-46-01 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message