Date: Fri, 16 Apr 2004 02:48:22 +0300
From: hugle <hugle@vkt.lt>
To: freebsd-ipfw@freebsd.org
Subject: Re: ipfw FWD and NOT ME bug while SSHing ?
Message-ID: <20209124174.20040416024822@vkt.lt>

h> Hello all.
h> I've just noticed some problems here.... look:
h> while sshing to the server after running such command:
h> bash-2.05b# ipfw add 3032 fwd x.x.x.1 ip from 192.168.0.0/16 to not me && sleep 15 && ipfw delete 3032 &
h> I've got 'disconnected' from ssh for 15 seconds, console hung up.
h> But I was able to ping the machine
h> BUT I wasn't able to ssh to this machine with its IP 192.168.x.x while
h> sshing to x.x.x.59 to the same machine I've got IN (and after rule
h> automatically removed after 15 sec this console hung up)
h> And after 15 seconds I was able to INPUT further..
h> Has anyone met this problem before?

h> PS.
h> 03020 5274 4396532 fwd z.z.z.161 ip from 192.168.0.0/16 to not me dst-port 22
h> command like that didn't have any effect after adding, was able to
h> SSH.

Tried also adding such rules:

fwd x.x.x.1 ip from 192.168.0.0/16 to not me dst-port 112-442
fwd x.x.x.1 ip from 192.168.0.0/16 to not me dst-port 445-1862
fwd x.x.x.1 ip from 192.168.0.0/16 to not me dst-port 1864-2081
fwd x.x.x.1 ip from 192.168.0.0/16 to not me dst-port 2083-3999
fwd x.x.x.1 ip from 192.168.0.0/16 to not me dst-port 4001-5049
fwd x.x.x.1 ip from 192.168.0.0/16 to not me dst-port 5051-5189
fwd x.x.x.1 ip from 192.168.0.0/16 to not me dst-port 5191-6110
fwd x.x.x.1 ip from 192.168.0.0/16 to not me dst-port 6120-6665
fwd x.x.x.1 ip from 192.168.0.0/16 to not me dst-port 6668-7000
fwd x.x.x.1 ip from 192.168.0.0/16 to not me dst-port 8000-9999
fwd x.x.x.1 ip from 192.168.0.0/16 to not me dst-port 10001-27014
fwd x.x.x.1 ip from 192.168.0.0/16 to not me dst-port 27016-65000

Also blocked access to SSH.
What is the clue?

Thanks.