Date: Mon, 17 Apr 2006 19:10:59 -0500
From: Paul Schmehl <pauls@utdallas.edu>
To: freebsd-questions@freebsd.org
Subject: Re: IPFW Problems
Message-ID: <FB0C884BDA576B06FDF3EB1D@Paul-Schmehls-Computer.local>
In-Reply-To: <8921D35B-1F12-4212-9B62-0CC1CC8F5AE5@allresearch.com>
References: <8921D35B-1F12-4212-9B62-0CC1CC8F5AE5@allresearch.com>
--On April 17, 2006 2:29:23 PM -0700 Noah Silverman <noah@allresearch.com> wrote:

> I have a system with a 4.11 Kernel. Unless I'm doing something very
> wrong, there seems to be something odd with ipfw.
>
> Take the following rules:
>
> ipfw add 00280 allow tcp from any to any 22 out via bge0 setup keep-state
> ipfw add 00299 deny log all from any to any out via bge0
> ipfw add 0430 allow log tcp from any to me 22 in via bge0 setup limit src-addr 2
> ipfw add 00499 deny log all from any to any in via bge0
>
> In theory, this should allow in SSH and nothing else.
>
> When I install this firewall configuration, I'm locked out of the box.
> An inspection of the logs shows that rule 499 is being triggered by an
> attempted incoming connection.

What does "ipfw show" reveal regarding connection stats? If you're at the console, can you ssh out to some other box?

Paul Schmehl (pauls@utdallas.edu)
Adjunct Information Security Officer
University of Texas at Dallas
AVIEN Founding Member
http://www.utdallas.edu/
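The four rules quoted in the thread are evaluated first-match, with the dynamic (stateful) table probed at the first rule that carries keep-state or limit, and "setup" matching only a TCP SYN that opens a connection. The following Python model is an added illustration written for this page; it is not code from the thread, from FreeBSD, or from ipfw itself. It models only the options the four rules use, so a reader can trace which rule a given packet reaches: an SSH SYN lands on 430 and installs state, the server's reply is passed by that state at rule 280, a non-SYN packet with no state falls through to 499, and "limit src-addr 2" refuses a third connection from the same source. The address in ME, the client address, the port numbers and the flow-key representation are constructed assumptions.

```python
"""Simplified model of ipfw first-match evaluation with keep-state/limit.

Added illustration, not ipfw: models only the rule options used by the
four rules in the thread (protocol, in/out, via <iface>, destination
port, 'me', 'setup', 'keep-state', 'limit src-addr N').
"""
from dataclasses import dataclass, field
from typing import Optional, Tuple

ME = "10.0.0.5"     # constructed address standing in for ipfw's "me"
IFACE = "bge0"


@dataclass
class Packet:
    src: str
    sport: int
    dst: str
    dport: int
    direction: str          # "in" or "out"
    via: str = IFACE
    proto: str = "tcp"
    syn_only: bool = False  # SYN without ACK, what ipfw's 'setup' matches


@dataclass
class Rule:
    number: int
    action: str                     # "allow" or "deny"
    proto: str = "all"              # "tcp" or "all"
    dst: str = "any"                # "any" or "me"
    dport: Optional[int] = None
    direction: Optional[str] = None
    via: Optional[str] = None
    setup: bool = False
    keep_state: bool = False
    limit_src: Optional[int] = None  # 'limit src-addr N'

    @property
    def stateful(self) -> bool:
        return self.keep_state or self.limit_src is not None

    def matches(self, p: Packet) -> bool:
        if self.proto != "all" and self.proto != p.proto:
            return False
        if self.dst == "me" and p.dst != ME:
            return False
        if self.dport is not None and p.dport != self.dport:
            return False
        if self.direction and p.direction != self.direction:
            return False
        if self.via and p.via != self.via:
            return False
        if self.setup and not p.syn_only:
            return False
        return True


@dataclass
class Firewall:
    rules: list
    # flow key -> (parent rule number, source address that created it)
    dynamic: dict = field(default_factory=dict)

    @staticmethod
    def flow_key(p: Packet) -> frozenset:
        # Direction-agnostic key so the reply packet finds the same state.
        return frozenset({(p.src, p.sport), (p.dst, p.dport)})

    def check(self, p: Packet) -> Tuple[str, int]:
        key = self.flow_key(p)
        for r in self.rules:
            # The dynamic table is probed at the first stateful rule, before
            # that rule's own body is evaluated.
            if r.stateful and key in self.dynamic:
                parent = next(x for x in self.rules if x.number == self.dynamic[key][0])
                return parent.action, parent.number
            if not r.matches(p):
                continue
            if r.limit_src is not None:
                existing = sum(1 for (num, src) in self.dynamic.values()
                               if num == r.number and src == p.src)
                if existing >= r.limit_src:
                    return "deny", r.number   # limit reached: packet dropped
            if r.stateful:
                self.dynamic[key] = (r.number, p.src)
            return r.action, r.number
        return "deny", 65535   # ipfw's default rule with deny as the default


# The four rules from the thread, expressed in the model's terms.
RULES = [
    Rule(280, "allow", proto="tcp", dport=22, direction="out", via=IFACE,
         setup=True, keep_state=True),
    Rule(299, "deny", direction="out", via=IFACE),
    Rule(430, "allow", proto="tcp", dst="me", dport=22, direction="in",
         via=IFACE, setup=True, limit_src=2),
    Rule(499, "deny", direction="in", via=IFACE),
]


def demo() -> dict:
    """Trace a few constructed packets through the rule set."""
    fw = Firewall(RULES)
    client = "192.0.2.10"   # constructed client address
    out = {}
    out["ssh_syn"] = fw.check(Packet(client, 40001, ME, 22, "in", syn_only=True))
    out["ssh_reply"] = fw.check(Packet(ME, 22, client, 40001, "out"))
    out["stray_ack"] = fw.check(Packet(client, 40002, ME, 22, "in"))
    out["http_syn"] = fw.check(Packet(client, 40003, ME, 80, "in", syn_only=True))
    out["ssh_second"] = fw.check(Packet(client, 40004, ME, 22, "in", syn_only=True))
    out["ssh_third"] = fw.check(Packet(client, 40005, ME, 22, "in", syn_only=True))
    return out


if __name__ == "__main__":
    for name, (action, number) in demo().items():
        print(f"{name:12s} -> {action} by rule {number}")
```

Running the block prints, for each constructed packet, the action and the rule number that decided it; the "stray_ack" case is the one to look at when a log shows rule 499 firing for what appears to be an SSH connection, since any inbound segment that is neither a fresh SYN nor part of a flow already in the dynamic table reaches the catch-all deny.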