From: "R. Scott Evans"
Date: Wed, 06 Aug 2014 11:45:34 -0400
To: freebsd-questions@freebsd.org
Subject: Re: ipfw config ....
Message-ID: <53E24D9E.6060202@rsle.net>
In-Reply-To: <53E23FC4.5000205@hiwaay.net>

On 08/06/14 10:46, William A. Mahaffey III wrote:
> .... I am trying to get ipfw up & running on my newly minted FreeBSD 9.3
> workstation .... To that end, I added the following to my rc.conf &
> typed in 'service ipfw start', & the ssh connection I was/am working
> over hung/crashed ....
>
> rc.conf:
>
> firewall_enable="YES"
> firewall_type="/etc/ipfw.conf workstation"
> firewall_quiet="NO"
> firewall_logdeny="YES"
> firewall_myservices="NFS,SSH,NTP"
>
> I'm fairly sure the 1st line needs to be there, guessing about the rest.
> I can't find out where logged messages are going (some come to the
> screen, a few to /var/log/messages, anything else: ????). Any clues
> appreciated :-) ....

Firewall type can only be one value. You have both /etc/ipfw.conf & workstation. If you use /etc/ipfw.conf, then the rest of the options other than firewall_enable are not needed, as you will configure your own rules directly in the ipfw.conf file.

However, if you use type workstation instead, then to enable the myservices you also need firewall_allowservices, which tells it what IP network(s) are allowed to access the myservices. You can have more than one IP network listed, but you separate each with a space and not a comma. Likewise, the myservices are separated by spaces, not commas.

firewall_enable="YES"
firewall_type="workstation"
firewall_quiet="NO"
firewall_logdeny="YES"
firewall_allowservices="192.168.0.0/23 172.16.1.0/24"
firewall_myservices="NFS SSH NTP"

I don't use the logging too much myself so I may be missing something, but I believe the places to look would be /var/log/security and/or execute "ipfw show", depending on what info you're looking for.
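
Added example, not part of the original message and not FreeBSD's own code: a small sh lint that checks an rc.conf-style file for the mistakes named in the reply above, so they are caught before 'service ipfw start' is run over a remote session. The function names check_fw_conf and lint_question_conf are hypothetical, and the checks encode only what the reply states.

```shell
#!/bin/sh
# Lint firewall_* knobs in an rc.conf-style file. Prints one finding per
# line; returns 0 when clean, 1 when something was flagged, 2 if unreadable.
check_fw_conf() (
    # Subshell body: values sourced from the file do not leak to the caller.
    [ -r "$1" ] || { echo "cannot read $1"; exit 2; }
    firewall_type='' firewall_myservices='' firewall_allowservices=''
    . "$1"    # rc.conf is sh syntax; sourcing executes it, as rc(8) does
    rc=0
    flag() { echo "$1"; rc=1; }

    # firewall_type takes exactly one value: a type name or a rules file.
    set -f; set -- $firewall_type
    if [ $# -gt 1 ]; then
        flag "firewall_type has $# values, expected one"; fwtype=''
    else
        fwtype=${1:-}
    fi

    # Both lists are separated by spaces, not commas.
    for knob in firewall_myservices firewall_allowservices; do
        eval "val=\$$knob"
        case $val in *,*) flag "$knob uses commas, separate with spaces" ;; esac
    done

    case $fwtype in
    workstation)
        # myservices are only opened to the networks in allowservices.
        [ -z "$firewall_myservices" ] || [ -n "$firewall_allowservices" ] ||
            flag "firewall_myservices set without firewall_allowservices" ;;
    /*)
        # With a rules file the rules live in that file (per the reply).
        [ -z "$firewall_myservices$firewall_allowservices" ] ||
            flag "rules file in use, myservices/allowservices not needed" ;;
    esac
    exit $rc
)

# The rc.conf lines from the question, checked via a scratch file.
lint_question_conf() {
    tmp=$(mktemp) || return 2
    printf '%s\n' 'firewall_enable="YES"' \
        'firewall_type="/etc/ipfw.conf workstation"' \
        'firewall_logdeny="YES"' 'firewall_myservices="NFS,SSH,NTP"' > "$tmp"
    st=0; check_fw_conf "$tmp" || st=$?
    rm -f "$tmp"
    return $st
}
lint_question_conf || true
```

Run against the configuration in the question, it reports the two-valued firewall_type and the comma-separated firewall_myservices; the corrected configuration in the reply produces no findings.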