From owner-freebsd-questions@FreeBSD.ORG Fri Dec 2 21:58:11 2011 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 1979C106564A for ; Fri, 2 Dec 2011 21:58:11 +0000 (UTC) (envelope-from kes-kes@yandex.ru) Received: from forward5.mail.yandex.net (forward5.mail.yandex.net [IPv6:2a02:6b8:0:602::5]) by mx1.freebsd.org (Postfix) with ESMTP id 88A068FC0A for ; Fri, 2 Dec 2011 21:58:10 +0000 (UTC) Received: from smtp4.mail.yandex.net (smtp4.mail.yandex.net [77.88.46.104]) by forward5.mail.yandex.net (Yandex) with ESMTP id 03B1012005CA; Sat, 3 Dec 2011 01:58:08 +0400 (MSK) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yandex.ru; s=mail; t=1322863089; bh=fSeSmRbYI0/VnFfbzk7DDQ2i+xYgqDLDpGm4rtMdXyo=; h=Date:From:Reply-To:Message-ID:To:CC:Subject:In-Reply-To: References:MIME-Version:Content-Type:Content-Transfer-Encoding; b=VlcPuxFOrAKkDTql2lS2rCmfTQFjSLOFVy2jNWzn5nBpf6GSJTX8ek2Ga1ErPsKBE 1e1838UcRfDUM3YJunddlBCxOCTTh4E5sSG1oOTnkpF2K7us3SJVCCuS9IXMiXTz2N 6qOvsntiCO2KHTY3cD1GEuMJSkwu5Q0ITxD5vOGQ= Received: from smtp4.mail.yandex.net (localhost [127.0.0.1]) by smtp4.mail.yandex.net (Yandex) with ESMTP id D3B545C03B7; Sat, 3 Dec 2011 01:58:08 +0400 (MSK) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yandex.ru; s=mail; t=1322863088; bh=fSeSmRbYI0/VnFfbzk7DDQ2i+xYgqDLDpGm4rtMdXyo=; h=Date:From:Reply-To:Message-ID:To:CC:Subject:In-Reply-To: References:MIME-Version:Content-Type:Content-Transfer-Encoding; b=k5qL2MbzSlliD7KPs6rrNHXakL6YLfGhxTe6nZj/QGdf2fbTdVbyvcwn9zaN64R7t 2onIyIik9WLHWcGiszuwUNPRqATqEpaj04R3BFuHJFHZK3XYNojDRwyoHHHVAup9Ew l+nNP2VW2BupCGbuD3nXgNokEaTDfozAhLA3ivVA= Received: from unknown (unknown [176.8.25.138]) by smtp4.mail.yandex.net (nwsmtp/Yandex) with ESMTP id w8SWZei7-w8SWCSN5; Sat, 3 Dec 2011 01:58:08 +0400 X-Yandex-Spam: 1 Date: Fri, 2 Dec 2011 23:58:02 +0200 From: =?utf-8?B?0JrQvtC90YzQutC+0LIg0JXQstCz0LXQvdC40Lk=?= X-Mailer: The Bat! (v4.0.24) Professional Organization: =?utf-8?B?0KfQnyDQmtC+0L3RjNC60L7QsiwgRnJlZUxpbmU=?= X-Priority: 3 (Normal) Message-ID: <378645417.20111202235802@yandex.ru> To: Tim Daneliuk In-Reply-To: <4ED80CD0.8070709@tundraware.com> References: <4ED80CD0.8070709@tundraware.com> MIME-Version: 1.0 Content-Type: text/plain; charset=windows-1251 Content-Transfer-Encoding: 8bit Cc: FreeBSD Mailing List Subject: Re: ipfw And ping X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: =?utf-8?B?0JrQvtC90YzQutC+0LIg0JXQstCz0LXQvdC40Lk=?= List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 02 Dec 2011 21:58:11 -0000 Здравствуйте, Tim. Вы писали 2 декабря 2011 г., 1:25:04: TD> I have a fairly restrictive ipfw setup on a FBSD 8.2-STABLE machine. TD> Pings were not getting through so I added this near the top TD> of the rule set: TD> ##### TD> # Allow icmp TD> ##### TD> ${FWCMD} add allow icmp from any to any ${FWCMD} add 1 allow icmp from any to any DO NOT FORGET RULE NUMBERS ;-) TD> It does work but, two questions: TD> 1) Is there a better way? TD> 2) Will this cause harm or otherwise expose the server to some vulnerability? TD> _______________________________________________ TD> freebsd-questions@freebsd.org mailing list TD> http://lists.freebsd.org/mailman/listinfo/freebsd-questions TD> To unsubscribe, send any mail to TD> "freebsd-questions-unsubscribe@freebsd.org" -- С уважением, Коньков mailto:kes-kes@yandex.ru