Skip site navigation (1)Skip section navigation (2)
Date:      Wed, 20 Nov 2002 16:31:26 +0900 (JST)
From:      Tod McQuillin <devin@spamcop.net>
To:        JY <leafy@leafy.idv.tw>
Cc:        freebsd-stable@FreeBSD.ORG
Subject:   Re: ipfw rules loaded but never evaluated
Message-ID:  <20021120162921.L51294-100000@glass.pun-pun.prv>
In-Reply-To: <20021120071612.GA53898@leafy.idv.tw>

next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, 20 Nov 2002, JY wrote:

> What's worse now is that I can still ssh into the host which is a 'closed' firewall and rules as:
> 0100 0 0 allow ip from any to any via lo0
> 00200 0 0 deny ip from any to 127.0.0.0/8
> 00300 0 0 deny ip from 127.0.0.0/8 to any
> 65535 0 0 deny ip from any to any

Do you have

firewall_enable="YES"

in /etc/rc.conf?

What do you get from "sysctl net.inet.ip.fw.enable" ?
-- 
Tod McQuillin



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-stable" in the body of the message




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20021120162921.L51294-100000>