From owner-freebsd-current  Mon Aug 24 00:32:40 1998
Return-Path: <owner-freebsd-current@FreeBSD.ORG>
Received: (from majordom@localhost)
          by hub.freebsd.org (8.8.8/8.8.8) id AAA09122
          for freebsd-current-outgoing; Mon, 24 Aug 1998 00:32:40 -0700 (PDT)
          (envelope-from owner-freebsd-current@FreeBSD.ORG)
Received: from mail.ftf.dk (mail.ftf.dk [129.142.64.2])
          by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id AAA09111
          for <freebsd-current@FreeBSD.ORG>; Mon, 24 Aug 1998 00:32:36 -0700 (PDT)
          (envelope-from regnauld@deepo.prosa.dk)
Received: from mail.prosa.dk ([192.168.100.254])
	by mail.ftf.dk (8.8.8/8.8.8/gw-ftf-1.0) with ESMTP id JAA28168;
	Mon, 24 Aug 1998 09:37:35 +0200 (CEST)
	(envelope-from regnauld@deepo.prosa.dk)
Received: from deepo.prosa.dk (deepo.prosa.dk [192.168.100.10])
	by mail.prosa.dk (8.8.8/8.8.5/prosa-1.1) with ESMTP id JAA09505;
	Mon, 24 Aug 1998 09:41:14 +0200 (CEST)
Received: (from regnauld@localhost)
	by deepo.prosa.dk (8.8.8/8.8.5/prosa-1.1) id JAA11250;
	Mon, 24 Aug 1998 09:30:37 +0200 (CEST)
Message-ID: <19980824093037.55193@deepo.prosa.dk>
Date: Mon, 24 Aug 1998 09:30:37 +0200
From: Philippe Regnauld <regnauld@deepo.prosa.dk>
To: wwoods@cybcon.com
Cc: FreebSD Current <freebsd-current@FreeBSD.ORG>
Subject: Re: Firewall Rules are weird.....look at this...in current....
References: <XFMail.980823215705.wwoods@cybcon.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
X-Mailer: Mutt 0.88e
In-Reply-To: <XFMail.980823215705.wwoods@cybcon.com>; from William Woods on Sun, Aug 23, 1998 at 09:57:05PM -0700
X-Operating-System: FreeBSD 2.2.6-RELEASE i386
Phone: +45 3336 4148
Address: Ahlefeldtsgade 16, 1359 Copenhagen K, Denmark
Organization: PROSA
Sender: owner-freebsd-current@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

William Woods writes:
> 
> I just compiled todays cvsup of current and all is fine except this. Here is a
> portion of my firewall rules:
> 
> -------------------------------------
> 00100 allow ip from any to any via lo0
> 00200 deny ip from any to 127.0.0.0/8
> 65000 allow ip from any to any
> 65535 allow ip from any to any
> 00000 deny ip from any to any
> 00000 deny ip from any to any

	[...]
> options         IPFIREWALL              #firewall
> options         IPFIREWALL_VERBOSE      #print information about
>                                         # dropped packets
> options         IPFIREWALL_FORWARD      #enable xparent proxy support
> options         "IPFIREWALL_VERBOSE_LIMIT=100" #limit verbosity
> options         IPFIREWALL_DEFAULT_TO_ACCEPT #allow everything by default
> options         IPDIVERT                #divert sockets
> options         IPFILTER                #kernel ipfilter support
> options         IPFILTER_LOG            #ipfilter logging
> #options        IPFILTER_LKM            #kernel support for ip_fil.o LKM

	Why do you have both IPFILTER and IPFW ?

-- 
 -[ Philippe Regnauld / sysadmin / regnauld@deepo.prosa.dk / +55.4N +11.3E ]-

               The Internet is busy.  Please try again later.

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-current" in the body of the message