Date: Mon, 18 Oct 2004 14:31:41 +0200 From: Jeroen van Nieuwenhuizen <jnieuwen@jeroen.se> To: freebsd-current@freebsd.org Subject: ipfilter keep state troubles Message-ID: <20041018123141.GB10716@hermod.jeroen.se>
index | next in thread | raw e-mail
[-- Attachment #1 --] Hello all, Using the RELENG_5_3 tag I ran into some troubles using ipfilter compiled into the kernel with default policy set to block. The problem is that I can no longer ping the local interface with the command: ping 127.0.0.1. Using a simpeler firewall configuration I noted that it has probably something to do with the keep state directive Using the rules pass out all pass in all I can ping to 127.0.0.1 Using the rules pass out all keep state pass in all I can not ping to 127.0.0.1 Anyone any ideas? Kind regards, Jeroen -- Jeroen van Nieuwenhuizen (M.Sc[CompSc]) jnieuwen@jeroen.se http://www.jeroen.se I know I'm not perfect but I can smile [-- Attachment #2 --] -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.6 (FreeBSD) iD8DBQFBc7etEEpVlsaqr2ERApYsAKCBYhmcAisVMoaxuAENZ71k+CNG2ACbB0Wz lE37kGzEbmTI0khj9BGLi8Q= =/9PX -----END PGP SIGNATURE-----help
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20041018123141.GB10716>