From owner-freebsd-stable  Tue Nov  7 22:25:57 2000
Delivered-To: freebsd-stable@freebsd.org
Received: from mailhost01.reflexnet.net (mailhost01.reflexnet.net [64.6.192.82])
	by hub.freebsd.org (Postfix) with ESMTP id 74ABA37B479
	for <freebsd-stable@freebsd.org>; Tue,  7 Nov 2000 22:25:54 -0800 (PST)
Received: from 149.211.6.64.reflexcom.com ([64.6.211.149]) by mailhost01.reflexnet.net  with Microsoft SMTPSVC(5.5.1877.197.19);
	 Tue, 7 Nov 2000 22:24:19 -0800
Received: (from cjc@localhost)
	by 149.211.6.64.reflexcom.com (8.11.0/8.11.0) id eA86PdE79244;
	Tue, 7 Nov 2000 22:25:39 -0800 (PST)
	(envelope-from cjc)
Date: Tue, 7 Nov 2000 22:25:38 -0800
From: "Crist J . Clark" <cjclark@reflexnet.net>
To: cdel <c_deless@efn.org>
Cc: freebsd-stable@FreeBSD.ORG
Subject: Re: ipfw rules flushing unexpectedly
Message-ID: <20001107222538.L75251@149.211.6.64.reflexcom.com>
Reply-To: cjclark@alum.mit.edu
References: <Pine.GSU.4.21.0011070814270.14978-100000@garcia.efn.org>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
X-Mailer: Mutt 1.0i
In-Reply-To: <Pine.GSU.4.21.0011070814270.14978-100000@garcia.efn.org>; from c_deless@efn.org on Tue, Nov 07, 2000 at 08:22:30AM -0800
Sender: owner-freebsd-stable@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

On Tue, Nov 07, 2000 at 08:22:30AM -0800, cdel wrote:
> Three days ago I noticed that the ipfw rules had purged themselves from
> memory. The box was 4.1.1-STABLE, 'supped on 10/24/00. Yesterday I supped
> in 4.2-BETA #0, re-installed world and a fresh kernel and discovered this
> morning that this had no effect. The box is 'Default Deny' so the purged
> rules keep everyone out but results in a DOS of sorts.
> 
> Any ideas or similar experiences? For now I've resorted to cron to re-run
> the ipfw rule script periodically as a precaution.

Dunno. You didn't put executable commands in rc.conf or something like
that?

You might put some logging rule in your firewall to track down the
time of failure. Perhaps something like,

  # ipfw add 50 pass log icmp from 127.0.0.1 to 127.0.0.1

And then run a cronjob every 10, 5, 1, or whatever, minutes,

  0/5	*	*	*	*	ping -c 1 127.0.0.1

To see when the messages stop.
-- 
Crist J. Clark                           cjclark@alum.mit.edu


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-stable" in the body of the message