From owner-freebsd-ipfw Wed Apr 10 22:19:46 2002 Delivered-To: freebsd-ipfw@freebsd.org Received: from mail.mipk-kspu.kharkov.ua (flash.mipk-kspu.kharkov.ua [194.44.157.113]) by hub.freebsd.org (Postfix) with ESMTP id 8731F37B405 for ; Wed, 10 Apr 2002 22:19:27 -0700 (PDT) Received: from mipk-kspu.kharkov.ua (rainbow.mipk-kspu.kharkov.ua [192.168.9.241]) by mail.mipk-kspu.kharkov.ua (8.11.6/8.11.1) with ESMTP id g3B5G9k88212; Thu, 11 Apr 2002 08:16:10 +0300 (EEST) (envelope-from artem@mipk-kspu.kharkov.ua) Message-ID: <3CB51C38.5D048F68@mipk-kspu.kharkov.ua> Date: Thu, 11 Apr 2002 08:16:40 +0300 From: "Artyom V. Viklenko" Organization: IIAT NTU "KPI" X-Mailer: Mozilla 4.78 [en] (WinNT; U) X-Accept-Language: ru,uk,en MIME-Version: 1.0 To: John Massier Cc: freebsd-ipfw@FreeBSD.ORG Subject: Re: Booting error in rc.firewall References: Content-Type: text/plain; charset=koi8-r Content-Transfer-Encoding: 8bit Sender: owner-freebsd-ipfw@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG John Massier wrote: > > Hi everyone, > > I´ve got an odd problem when booting with a firewall_type="filename". In the > file( /etc/ipfw.rules ) I add the next rules: > > add 00100 allow ip from any to any via lo0 > add 00200 deny ip from any to 127.0.0.0/8 > add 00300 deny ip from 127.0.0.0/8 to any > add 01002 deny hmp from 1.1.1.1 to 5.4.4.4 > add 10000 allow tcp from 2.2.2.2 to 3.3.3.3 > add 23232 allow i-nlsp from 67.67.67.67 to 3.3.3.3 > add 56565 prob 0.400000 allow log logamount 12000 tcp from not > 122.23.2.5:123.23.23.23 3456,8765,1511,1469 to 4.2.2.0/23 The problem is here, I think. You have to specify the mask for address 122.23.2.5 and value 123.23.23.23 doesn't look like correct value for this purpose. > 123,5678,68,2016,998 uid uucp gid man keep-state 1234 bridged in recv ppp0 > ipopt ssrr,lsrr tcpflags syn,ack tcpoptions mss,window > add 65000 allow ip from any to any > add 65535 deny ip from any to any > > The problem is in rule 56565. When booting i get the following message: > > ipfw:Line 7: too many arguments > > and the remaining rules aren´t added. The rule 56565 is in the file > excusively to test if ipfw fails, and that´s exactly what has happen. > > Any idea please? > > Thanks in advance. Best regards. > > _________________________________________________________________ > Hable con sus amigos en línea, pruebe MSN Messenger: http://messenger.msn.es > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-ipfw" in the body of the message -- Sincerely yours, Artyom V. Viklenko. ====================================================== System Administrator artem@mipk-kspu.kharkov.ua ------------------------------------------------------ IIAT NTU "KhPI" 21, Frunze Str., Kharkov Ukraine 61002 Phone: +380 (572) 400026 Fax: +380 (572) 474062 ====================================================== To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ipfw" in the body of the message