Date: Thu, 11 Apr 2002 08:16:40 +0300 From: "Artyom V. Viklenko" <artem@mipk-kspu.kharkov.ua> To: John Massier <j_massier@hotmail.com> Cc: freebsd-ipfw@FreeBSD.ORG Subject: Re: Booting error in rc.firewall Message-ID: <3CB51C38.5D048F68@mipk-kspu.kharkov.ua> References: <F10PLBQ8CHNALKu8aVq000204ea@hotmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
John Massier wrote: > > Hi everyone, > > I´ve got an odd problem when booting with a firewall_type="filename". In the > file( /etc/ipfw.rules ) I add the next rules: > > add 00100 allow ip from any to any via lo0 > add 00200 deny ip from any to 127.0.0.0/8 > add 00300 deny ip from 127.0.0.0/8 to any > add 01002 deny hmp from 1.1.1.1 to 5.4.4.4 > add 10000 allow tcp from 2.2.2.2 to 3.3.3.3 > add 23232 allow i-nlsp from 67.67.67.67 to 3.3.3.3 > add 56565 prob 0.400000 allow log logamount 12000 tcp from not > 122.23.2.5:123.23.23.23 3456,8765,1511,1469 to 4.2.2.0/23 The problem is here, I think. You have to specify the mask for address 122.23.2.5 and value 123.23.23.23 doesn't look like correct value for this purpose. > 123,5678,68,2016,998 uid uucp gid man keep-state 1234 bridged in recv ppp0 > ipopt ssrr,lsrr tcpflags syn,ack tcpoptions mss,window > add 65000 allow ip from any to any > add 65535 deny ip from any to any > > The problem is in rule 56565. When booting i get the following message: > > ipfw:Line 7: too many arguments > > and the remaining rules aren´t added. The rule 56565 is in the file > excusively to test if ipfw fails, and that´s exactly what has happen. > > Any idea please? > > Thanks in advance. Best regards. > > _________________________________________________________________ > Hable con sus amigos en línea, pruebe MSN Messenger: http://messenger.msn.es > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-ipfw" in the body of the message -- Sincerely yours, Artyom V. Viklenko. ====================================================== System Administrator artem@mipk-kspu.kharkov.ua ------------------------------------------------------ IIAT NTU "KhPI" 21, Frunze Str., Kharkov Ukraine 61002 Phone: +380 (572) 400026 Fax: +380 (572) 474062 ====================================================== To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ipfw" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3CB51C38.5D048F68>