Date: Fri, 5 Apr 2002 01:26:27 +0300 From: "Razvan Cremenescu" <cremenescu@terrasat.ro> To: "'ozkan_kirik'" <ozkan_kirik@yahoo.com> Cc: <freebsd-stable@FreeBSD.ORG> Subject: RE: IpFilter / IpFireWall Message-ID: <!~!UENERkVCMDkAAQACAAAAAAAAAAAAAAAAABgAAAAAAAAAI40GHvEUg0SjdaKTdhTSasKAAAAQAAAAiDUXCtjJ1kapgWbvNnsxLwEAAAAA@terrasat.ro> In-Reply-To: <a8ii7f%2B9qbc@eGroups.com>
next in thread | previous in thread | raw e-mail | index | archive | help
you should look in LINT file
in addition to this :
options IPFILTER
options IPFILTER_LOG
options IPFIREWALL
options IPFIREWALL_VERBOSE
options IPFIREWALL_VERBOSE_LIMIT=10
i have something like this and it works just fine...
options IPFILTER
options IPFIREWALL
options IPFIREWALL_DEFAULT_TO_ACCEPT
options IPFIREWALL_VERBOSE
options DUMMYNET
options IPDIVERT
options BRIDGE
options IPFIREWALL_DEFAULT_TO_ACCEPT -- this is the most important one
in the kernel file,
otherwise you would lock yourself out.
again, check LINT for more information.
Razvan Cremenescu,
=================================
Network Operations Center Pitesti
e-mail: cremenescu@terrasat.ro
Tel: +40-48-250015 int. 25
+40-48-251112 int. 25
Mobile: +40-92-685805
=================================
Terra Sat Comp
Resita 1700 CS, Romania
http://www.terrasat.ro
company@terrasat.ro
Tel: +40-55-220012
+40-55-220013
Fax: +40-55-220117
=================================
-----Original Message-----
From: owner-freebsd-security@FreeBSD.ORG
[mailto:owner-freebsd-security@FreeBSD.ORG] On Behalf Of ozkan_kirik
Sent: Friday, April 05, 2002 12:57 AM
To: freebsd-security@freebsd.org
Subject: IpFilter / IpFireWall
i am new to FreeBSD.
i use freebsd v4.5 Release #0.
i am trying to setup an firewall.
but i couldnt block or pass any IP.
i think i have a mistake about my IPF&IPFW settings.
in my kernel:
options IPFILTER
options IPFILTER_LOG
options IPFIREWALL
options IPFIREWALL_VERBOSE
options IPFIREWALL_VERBOSE_LIMIT=10
but my rules doesnt work.
for example:
# ipfw add deny tcp from 193.255.128.250 to any
**answer is:
ipfw: getsockopt(IP_FW_ADD): Protocol not available
when i saw this error i get crazy
Plx help me...
With my best regards.
Ozkan KIRIK
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-stable" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?!~!UENERkVCMDkAAQACAAAAAAAAAAAAAAAAABgAAAAAAAAAI40GHvEUg0SjdaKTdhTSasKAAAAQAAAAiDUXCtjJ1kapgWbvNnsxLwEAAAAA>