From owner-freebsd-current Mon Aug 24 02:44:55 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id CAA26440 for freebsd-current-outgoing; Mon, 24 Aug 1998 02:44:55 -0700 (PDT) (envelope-from owner-freebsd-current@FreeBSD.ORG) Received: from alushta.NL.net (alushta.NL.net [193.78.240.22]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id CAA26435 for ; Mon, 24 Aug 1998 02:44:52 -0700 (PDT) (envelope-from paulz@trantor.stuyts.nl) Received: from stuyts by alushta.NL.net with UUCP id <11119-31475>; Mon, 24 Aug 1998 11:43:58 +0200 Received: from trantor.stuyts.nl (uucp@localhost) by terminus.stuyts.nl (8.9.1/8.8.8) with UUCP id LAA14062; Mon, 24 Aug 1998 11:17:29 +0200 (MET DST) (envelope-from paulz@trantor.stuyts.nl) Received: from trantor.stuyts.nl (localhost [127.0.0.1]) by trantor.stuyts.nl (8.9.1/8.8.5) with ESMTP id LAA13070; Mon, 24 Aug 1998 11:15:07 +0200 (MET DST) Message-Id: <199808240915.LAA13070@trantor.stuyts.nl> X-Mailer: exmh version 2.0.2 2/24/98 To: Philippe Regnauld Cc: FreebSD Current Subject: Re: Firewall Rules are weird.....look at this...in current.... In-reply-to: Your message of "Mon, 24 Aug 1998 09:30:37 +0200." <19980824093037.55193@deepo.prosa.dk> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Date: Mon, 24 Aug 1998 11:15:07 +0200 From: Paul van der Zwan Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG > William Woods writes: > > > > I just compiled todays cvsup of current and all is fine except this. Here is a > > portion of my firewall rules: > > > > ------------------------------------- > > 00100 allow ip from any to any via lo0 > > 00200 deny ip from any to 127.0.0.0/8 > > 65000 allow ip from any to any > > 65535 allow ip from any to any > > 00000 deny ip from any to any > > 00000 deny ip from any to any > > [...] > > options IPFIREWALL #firewall > > options IPFIREWALL_VERBOSE #print information about > > # dropped packets > > options IPFIREWALL_FORWARD #enable xparent proxy support > > options "IPFIREWALL_VERBOSE_LIMIT=100" #limit verbosity > > options IPFIREWALL_DEFAULT_TO_ACCEPT #allow everything by default > > options IPDIVERT #divert sockets > > options IPFILTER #kernel ipfilter support > > options IPFILTER_LOG #ipfilter logging > > #options IPFILTER_LKM #kernel support for ip_fil.o LKM > > Why do you have both IPFILTER and IPFW ? > Same problem here. But just the following entries: options IPFIREWALL #firewall options IPFIREWALL_VERBOSE #print information about options IPDIVERT #divert sockets Also when I run 'ipfw show' I get exactly 1024 lines of output. Might this be related to the recent mbuf changes ??? Paul -- Paul van der Zwan paulz @ trantor.stuyts.nl "I think I'll move to theory, everything works in theory..." To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message