Date: Mon, 4 Apr 2005 09:06:41 -0700
From: perikillo <perikillo@gmail.com>
To: freebsd-questions@freebsd.org
Subject: Securelevel dont let ipf read rules...
Message-ID: <51d7a516050404090660bb68ed@mail.gmail.com>

Hi all,

I was testing my firewall with FreeBSD 4.11 Release and ipf in the kernel. I have ppp set up to run every time I turn on the system. I was using securelevel=2 in /etc/sysctl.conf and /etc/rc.conf:

/etc/sysctl.conf:
    kern.securelevel=2

/etc/rc.conf:
    kernel_securelevel=2

After I saw that my firewall was ready to start its job, I decided to change the secure level to the paranoid level and changed the secure level to 3:

/etc/sysctl.conf:
    kern.securelevel=3

/etc/rc.conf:
    kernel_securelevel=3

When I restarted my computer and tried to access the internet from my other computer, which uses Windows 2k, I saw that my browser didn't find anything. I made some tests on it, but there was no access to the outside world.

I went back to my firewall and tested the connection:

    test#ifconfig

This showed that I was connected. Then I tested with ping and fastest_cvsup; none of them reached the outside world.

After this I tested ipf:

    test#ipfstat -hio

Upsssssssssssssss, I didn't have any rules on my firewall. Then I went to:

    test# ee /var/log/console

I went to the end of the file, read my last boot-up messages, and saw that when my system tried to read /etc/ipf.rules and /etc/ipmon.rules, the system secure level=3 in /etc/sysctl.conf didn't let ipf and ipnat load their rule sets.

"Operation Not Permite" (something like this, mmmm, I don't remember the right message :-\)

/etc/sysctl.conf goes before /etc/rc.conf. I was thinking that I could set securelevel=1 in sysctl.conf and then in rc.conf, after ipf and ppp start, set securelevel to 3, but my rc.conf doesn't do anything.

How can I reach securelevel=3 and run my firewall? I don't want to input anything directly; I want that baby (FreeBSD) to do everything automatically. Maybe I need to set up a script??? Or am I doing something wrong?

I read man init but didn't see anything about this issue...

Thanks all for your comments.

NOTE: FreeBSD 4.11 Release, ipfilter compiled into the kernel. This machine runs only my firewall, no servers; it is an old Pentium 100MHz.

I tried to write my best English.
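
Added example (not part of the original message and not FreeBSD's own code): a shell lint over copies of /etc/sysctl.conf and /etc/rc.conf that flags the situation described above, a securelevel of 3 applied from sysctl.conf before ipf loads its rules, and an rc.conf variable the boot scripts do not read. The function names, the sample files and the ipfilter_enable="YES" line are assumptions; kern_securelevel and kern_securelevel_enable are the variable names from FreeBSD's /etc/defaults/rc.conf, not from the post.

```shell
#!/bin/sh
# Added example: lint copies of sysctl.conf and rc.conf for the securelevel/ipf
# boot-order problem. All sample data below is constructed.

conf_value() {  # $1 = file, $2 = key; prints the last value assigned to key
    awk -v key="$2" '{
        sub(/#.*/, ""); n = index($0, "=")
        if (n == 0) next
        k = substr($0, 1, n - 1); gsub(/[ \t]/, "", k)
        if (k == key) val = substr($0, n + 1)
    } END { print val }' "$1" | tr -d "\"' \t"
}

lint_securelevel() {  # $1 = sysctl.conf, $2 = rc.conf; returns 1 on any finding
    found=0
    early=$(conf_value "$1" kern.securelevel)
    case "$(conf_value "$2" ipfilter_enable)" in
    [Yy][Ee][Ss])
        # sysctl.conf is applied early in boot, before the ipf rules are read
        if [ "${early:-0}" -ge 3 ]; then
            echo "sysctl.conf: kern.securelevel=$early is set before ipf rules load"
            found=1
        fi ;;
    esac
    if [ -n "$(conf_value "$2" kernel_securelevel)" ]; then
        echo "rc.conf: kernel_securelevel is not a knob rc reads (kern_securelevel is)"
        found=1
    fi
    if [ -n "$(conf_value "$2" kern_securelevel)" ]; then
        case "$(conf_value "$2" kern_securelevel_enable)" in
        [Yy][Ee][Ss]) ;;
        *)  echo "rc.conf: kern_securelevel needs kern_securelevel_enable=\"YES\""
            found=1 ;;
        esac
    fi
    return "$found"
}

write_sample() {  # $1 = directory; constructed files mirroring the post's settings
    printf 'kern.securelevel=3\n' > "$1/sysctl.conf"
    # ipfilter_enable="YES" is assumed; the post only says ipf starts at boot
    printf 'ipfilter_enable="YES"\nkernel_securelevel=3\n' > "$1/rc.conf"
}

dir=$(mktemp -d) && write_sample "$dir"
lint_securelevel "$dir/sysctl.conf" "$dir/rc.conf" || echo "findings above"
rm -rf "$dir"
```

Run it against copies of the two files; a configuration that leaves kern.securelevel out of sysctl.conf and sets kern_securelevel_enable="YES" with kern_securelevel="3" in rc.conf passes without findings.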
