Date:      Sun, 18 Jul 2004 00:55:11 -0700 (PDT)
From:      freebsder <freebsder51@yahoo.com>
To:        freebsd-questions@freebsd.org
Subject:   FreeBSD 5.1 <-> WinXP Networking Problem UPDATE #2
Message-ID:  <20040718075511.75494.qmail@web52501.mail.yahoo.com>

  Hi Chuck,

Thanks for the suggestions.

First off - there was actually a typo in the line:
firewall_script="/etc/rc/firewall
I changed it to:
firewall_script="/etc/rc.firewall"

However, it made no difference to the WinXP box's
ability to connect.

Next I tried commenting out that line altogether but
it still did not work(!)  It would not go online.

I then checked out rc.firewall as per your suggestion
and looked under OPEN ... This is what I found:

############
# If you just configured ipfw in the kernel as a tool to solve network
# problems or you just want to disallow some particular kinds of traffic
# then you will want to change the default policy to open.  You can also
# do this as your only action by setting the firewall_type to ``open''.
#
#${fwcmd} add 65000 pass all from any to any


# Prototype setups.
#
case ${firewall_type} in
[Oo][Pp][Ee][Nn])
	setup_loopback
	${fwcmd} add 65000 pass all from any to any
	;;

[...]

Do you see a problem in this set-up?

I am considering setting it up in SIMPLE mode but I
want to be able to run the machine in OPEN mode before
I get too fancy with security and firewalls ... you
know?

Thanks again for your help ... please advise.


freebsder wrote:
> This is what I get:
> 
> # ipfw -a list
> 00100 49820 12066079 allow ip from any to any
> 00100     0        0 allow tcp from any to any
> 65535     2       96 deny ip from any to any
> 
> The Second and Third lines don't seem right..  What do
> I need to do to correct the problem here.

The line here:

 >>      firewall_script="/etc/rc/firewall"

...tells IPFW to use a config file that doesn't contain enough useful
rules.

Comment out that line, and examine /etc/rc.firewall instead, and
reboot.  Then take a look at the rules being loaded by the OPEN
firewall type, which should include a divert rule...

-- 
-Chuck
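
An added example, not part of the original thread: a small shell helper that reads `ipfw -a list` output and reports whether a divert rule is loaded and whether an earlier allow-all rule matches traffic before it. The function name `check_ipfw_rules` and the second rule set (including the interface name and divert port) are constructed for illustration; the first rule set is the output quoted in the message above.

```shell
#!/bin/sh
# Classify `ipfw -a list` output read from stdin (hypothetical helper).
# Prints one of: ok | missing-divert | divert-shadowed
check_ipfw_rules() {
    awk '
        # Columns: rule number, packets, bytes, action, then the rule body.
        $4 == "divert" && !divert { divert = NR }
        # An unconditional "allow ip from any to any" ends rule processing,
        # so a divert rule listed after it never sees a packet.
        $4 == "allow" && $5 == "ip" && $6 == "from" && $7 == "any" &&
            $8 == "to" && $9 == "any" && NF == 9 && !allow_all { allow_all = NR }
        END {
            if (!divert) print "missing-divert"
            else if (allow_all && allow_all < divert) print "divert-shadowed"
            else print "ok"
        }'
}

# Rule set quoted in the thread.
PAGE_RULES='00100 49820 12066079 allow ip from any to any
00100     0        0 allow tcp from any to any
65535     2       96 deny ip from any to any'

# Constructed rule set: divert rule first, then the OPEN pass rule.
OPEN_RULES='00050   120    9000 divert 8668 ip from any to any via fxp0
00100    40    3000 allow ip from any to any via lo0
65000   300   20000 allow ip from any to any
65535     0       0 deny ip from any to any'

printf 'thread rules:      %s\n' "$(printf '%s\n' "$PAGE_RULES" | check_ipfw_rules)"
printf 'constructed rules: %s\n' "$(printf '%s\n' "$OPEN_RULES" | check_ipfw_rules)"
```

On a live system the same function can be fed directly with `ipfw -a list | check_ipfw_rules`.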






Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20040718075511.75494.qmail>