From owner-freebsd-stable Wed Mar 7 8:13:52 2001 Delivered-To: freebsd-stable@freebsd.org Received: from chmod.ath.cx (CC2-1242.charter-stl.com [24.217.116.226]) by hub.freebsd.org (Postfix) with ESMTP id D09AA37B718 for ; Wed, 7 Mar 2001 08:13:48 -0800 (PST) (envelope-from ajh3@chmod.ath.cx) Received: by chmod.ath.cx (Postfix, from userid 1001) id A7DA3A89F; Wed, 7 Mar 2001 10:13:28 -0600 (CST) Date: Wed, 7 Mar 2001 10:13:28 -0600 From: Andrew Hesford To: Danny Greschke Cc: freebsd-stable@freebsd.org Subject: Re: IPFilter doing wacky things after recompiled kernel today Message-ID: <20010307101328.A859@cec.wustl.edu> References: <5.0.2.1.2.20010307223821.00dc69f8@mail.dingoblue.net.au> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <5.0.2.1.2.20010307223821.00dc69f8@mail.dingoblue.net.au>; from dgres@dingoblue.net.au on Wed, Mar 07, 2001 at 10:53:22PM +1100 X-Loop: Andrew Hesford Sender: owner-freebsd-stable@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Have you tried ipfirewall? Maybe the problem is unique to ipfilter. Besides, if you aks me, ipfirewall is better. Also, it never hurts to cvsup and rebuild the world (actually, reading this list, I guess sometimes it's really painful, but I've never had a problem :), just to make sure nothing is wrong. On Wed, Mar 07, 2001 at 10:53:22PM +1100, Danny Greschke wrote: > This will probably be something stupid. > But after a recompiled kernel today IPFilter started doing some damn weird > stuff. > > Firstly (and yes, I'm a newbie) the last kernel build of 4.2 I did on this > machine was a month ago, and now it seems that everything is being loaded > as modules or something ? Plus now it's apparently version 4.3-Beta ? I > guess they're side questions, anyway. > > So I load my ipf ruleset only to find that all my pass/block in's are being > registered as pass/block out's. > > Like, if the only rule I had in my ruleset was 'pass in all'. I'll flush, > and 'ipfstat -i' says that I have no input rules specified, but 'ipfstat > -o' says that I have 1 rule, "pass out all" loaded. > > I have no idea how this is happening or what's causing it. > Can anyone point me in the right direction ? > > Thanks, > > Danny Greschke > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-stable" in the body of the message -- Andrew Hesford ajh3@chmod.ath.cx To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message