Date: Mon, 24 Aug 1998 10:14:51 +0200 From: Philippe Regnauld <regnauld@deepo.prosa.dk> To: wwoods@cybcon.com Cc: FreebSD Current <freebsd-current@FreeBSD.ORG> Subject: Re: Firewall Rules are weird.....look at this...in current.... Message-ID: <19980824101451.02376@deepo.prosa.dk> In-Reply-To: <XFMail.980824004759.wwoods@cybcon.com>; from William Woods on Mon, Aug 24, 1998 at 12:47:59AM -0700 References: <19980824093037.55193@deepo.prosa.dk> <XFMail.980824004759.wwoods@cybcon.com>
next in thread | previous in thread | raw e-mail | index | archive | help
William Woods writes:
> I just copied it out of LINT.....
>
> >> options IPFIREWALL #firewall
> >> options IPFIREWALL_VERBOSE #print information about
> >> # dropped packets
> >> options IPFIREWALL_FORWARD #enable xparent proxy support
> >> options "IPFIREWALL_VERBOSE_LIMIT=100" #limit verbosity
> >> options IPFIREWALL_DEFAULT_TO_ACCEPT #allow everything by default
> >> options IPDIVERT #divert sockets
> >> options IPFILTER #kernel ipfilter support
> >> options IPFILTER_LOG #ipfilter logging
> >> #options IPFILTER_LKM #kernel support for ip_fil.o LKM
Ok -- IPFIREWALL and IPFILTER are two _different_ filtering systems --
you should choose one or the other, not both -- I think your problem
might be there (just guessing, I do not know how IPFILTER interacts
at network level).
--
-[ Philippe Regnauld / sysadmin / regnauld@deepo.prosa.dk / +55.4N +11.3E ]-
The Internet is busy. Please try again later.
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-current" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?19980824101451.02376>