Date: Sun, 18 Jul 2004 00:55:11 -0700 (PDT) From: freebsder <freebsder51@yahoo.com> To: freebsd-questions@freebsd.org Subject: FreeBSD 5.1 <-> WinXP Networking Problem UPDATE #2 Message-ID: <20040718075511.75494.qmail@web52501.mail.yahoo.com>
next in thread | raw e-mail | index | archive | help
Hi Chuck, Thanks for the suggestions. First off - there was actually a typo in the line: firewall_script="/etc/rc/firewall I changed it to: firewall_script="/etc/rc.firewall" However, it made no difference to the WinXP box ability to connect. Next I tried commenting out that line altogether but it still did not work(!) It would not go online. I then checked out rc.firewall asper you suggestion and looked under OPEN ... This is what I found::: ############ # If you just configured ipfw in the kernel as a tool to solve network # problems or you just want to disallow some particular kinds of traffic # then you will want to change the default policy to open. You can also # do this as your only action by setting the firewall_type to ``open''. # #${fwcmd} add 65000 pass all from any to any # Prototype setups. # case ${firewall_type} in [Oo][Pp][Ee][Nn]) setup_loopback ${fwcmd} add 65000 pass all from any to any ;; [...] Do you see a problem in this set-up? I am considering setting it up in SIMPLE mode but I want to be able to run the machine in OPEN mode before I get too fancy with security and firewalls ... you know? Thanks again for you help ... please advise. freebsder wrote: > This is what I get: > > # ipfw -a list > 00100 49820 12066079 allow ip from any to any > 00100 0 0 allow tcp from any to any > 65535 2 96 deny ip from any to any > > The Second and Third lines don't seem right.. What do > I need to do correct the problem here. The line here: >> firewall_script="/etc/rc/firewall" ...tells IPFW to use a config file that doesn't contain enough useful rules. Comment out that line, and examine /etc/rc.firewall instead, and reboot. Then take a look at the rules being loaded by the OPEN firewall type, which should include a divert rule... -- -Chuck __________________________________ Do you Yahoo!? Vote for the stars of Yahoo!'s next ad campaign! http://advision.webevents.yahoo.com/yahoo/votelifeengine/
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20040718075511.75494.qmail>