Date: Sun, 18 Jul 2004 00:55:11 -0700 (PDT) From: freebsder <freebsder51@yahoo.com> To: freebsd-questions@freebsd.org Subject: FreeBSD 5.1 <-> WinXP Networking Problem UPDATE #2 Message-ID: <20040718075511.75494.qmail@web52501.mail.yahoo.com>
next in thread | raw e-mail | index | archive | help
Hi Chuck,
Thanks for the suggestions.
First off - there was actually a typo in the line:
firewall_script="/etc/rc/firewall
I changed it to:
firewall_script="/etc/rc.firewall"
However, it made no difference to the WinXP box
ability to connect.
Next I tried commenting out that line altogether but
it still did not work(!) It would not go online.
I then checked out rc.firewall asper you suggestion
and looked under OPEN ... This is what I found:::
############
# If you just configured ipfw in the kernel as a tool
to solve network
# problems or you just want to disallow some
particular kinds of traffic
# then you will want to change the default policy to
open. You can also
# do this as your only action by setting the
firewall_type to ``open''.
#
#${fwcmd} add 65000 pass all from any to any
# Prototype setups.
#
case ${firewall_type} in
[Oo][Pp][Ee][Nn])
setup_loopback
${fwcmd} add 65000 pass all from any to any
;;
[...]
Do you see a problem in this set-up?
I am considering setting it up in SIMPLE mode but I
want to be able to run the machine in OPEN mode before
I get too fancy with security and firewalls ... you
know?
Thanks again for you help ... please advise.
freebsder wrote:
> This is what I get:
>
> # ipfw -a list
> 00100 49820 12066079 allow ip from any to any
> 00100 0 0 allow tcp from any to any
> 65535 2 96 deny ip from any to any
>
> The Second and Third lines don't seem right.. What
do
> I need to do correct the problem here.
The line here:
>> firewall_script="/etc/rc/firewall"
...tells IPFW to use a config file that doesn't
contain enough useful
rules.
Comment out that line, and examine /etc/rc.firewall
instead, and
reboot. Then
take a look at the rules being loaded by the OPEN
firewall type, which
should
include a divert rule...
--
-Chuck
__________________________________
Do you Yahoo!?
Vote for the stars of Yahoo!'s next ad campaign!
http://advision.webevents.yahoo.com/yahoo/votelifeengine/
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20040718075511.75494.qmail>