Date: Wed, 27 Aug 2003 14:48:50 +0300 From: "Vitali Malicky" <life@zone3000.net> To: <freebsd-questions@freebsd.org> Subject: Re: Correct syntax for ipfw to allow local traffic? Message-ID: <003601c36c91$2eb13910$2401010a@zone3000.net> References: <2676.193.166.135.194.1061983372.squirrel@silakka.nettikala.fi>
next in thread | previous in thread | raw e-mail | index | archive | help
> Hi all, Hi! > > I have > 00100 allow ip from any to any via lo0 > in my firewall script. But although I get lines like > > silakka /kernel: Connection attempt to TCP 127.0.0.1:2000 from 127.0.0.1:3914 > > into my messages log. It is jsst like the firewall although blocks local > traffic. What should I add or modify to allow traffic via loopback and/or > from and to 127.0.0.1 ? /sbin/ipfw -q add 00001 allow ip from 127.0.0.1 to 127.0.0.1 via lo0 ========= I usually configure tyhe firewall in /etc/rc.firewall. when I modify firewall rules on the remote servers I responsible of, first I make a copy of rc.firewall, say, rc.firewall.new and make all necessary changes in _this_ file, then I run "shutdown -r +5min" and only after that I execute /etc/rc.firewall.new # /etc/rc.firewall.new nohup & if it's alright and I'm still there on the server I just kill the shutdown process, if not, the machine reboots with the old rules... Best of luck! > > > Regards, > > Johan Paul > > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org"
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?003601c36c91$2eb13910$2401010a>