From owner-freebsd-questions Mon Mar 12 3:52: 4 2001 Delivered-To: freebsd-questions@freebsd.org Received: from shiva.jussieu.fr (shiva.jussieu.fr [134.157.0.129]) by hub.freebsd.org (Postfix) with ESMTP id 4AFC337B718 for ; Mon, 12 Mar 2001 03:51:55 -0800 (PST) (envelope-from joel.carnat@noos.fr) Received: from moka.ccr.jussieu.fr (moka.ccr.jussieu.fr [134.157.1.23]) by shiva.jussieu.fr (8.11.3/jtpda-5.3.3) with ESMTP id f2CBprL95600 for ; Mon, 12 Mar 2001 12:51:53 +0100 (CET) Received: from tazmania (ptiJo@tazmania.eila.jussieu.fr [134.157.166.25]) by moka.ccr.jussieu.fr (8.10.0/jtpda-5.3.3) with SMTP id f2CBprM159400 for ; Mon, 12 Mar 2001 12:51:53 +0100 Date: Mon, 12 Mar 2001 12:50:27 +0000 From: Joel CARNAT To: freebsd-questions@FreeBSD.ORG Subject: Re: PING filtering Message-Id: <20010312125027.44899f95.joel.carnat@noos.fr> X-Mailer: Sylpheed version 0.4.61 (GTK+ 1.2.8; Linux 2.2.17; i686) Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG right ! done :) everything's perfectly all right for future knowledge (and future newbies like me :), here's what I did : -1- compile new kernel with those options : options IPFIREWALL #firewall options IPFIREWALL_VERBOSE #print information about options IPFIREWALL_VERBOSE_LIMIT=100 #limit verbosity options IPFIREWALL_DEFAULT_TO_ACCEPT #allow everything by default -2- add the right FW rule : /sbin/ipfw add deny log icmp from any to any via xl0 icmptype 8 -3- use syslog to watch who ping's me so that I may tune the rules later... # IPFW logging :) !ipfw *.* /var/log/ipfw.log ********************************************** *** special thX : *** Charles Burns" *** Kris Kennaway *** lazy *** *** thX for your answers guys ;) ********************************************** -- Joel CARNAT =========== slackware : The Choice of a GNU Generation. FreeBSD : The Power To Serve. OpenBSD : The proactively secure UNIX-like operating system. NetBSD : Of course it runs NetBSD... To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message