Date: Wed, 10 Jul 2002 14:55:45 +0200 (CEST) From: Bogdan TARU <bgd@icomag.de> To: <freebsd-hackers@FreeBSD.ORG> Subject: ipfilter Message-ID: <20020710145242.S89586-100000@fw.cgn.icom>
next in thread | raw e-mail | index | archive | help
Hi, I have the following problem on a FreeBSD 4.6 machine: compiled the kernel with the following options: options IPFIREWALL #firewall options IPFIREWALL_VERBOSE #enable logging to syslogd(8) options IPFIREWALL_FORWARD #enable transparent proxy support options IPFIREWALL_VERBOSE_LIMIT=100 #limit verbosity options IPFIREWALL_DEFAULT_TO_ACCEPT #allow everything by default options IPDIVERT #divert sockets options IPFILTER #ipfilter support options IPFILTER_LOG #ipfilter logging rebooted that kernel, and tried: (14:57) root@(bgd)[~] ipf -E IP Filter: already initialized (14:58) root@(bgd)[~] ipf block in all from any to any (14:58) root@(bgd)[~] ipfstat -i empty list for ipfilter(in) (14:58) root@(bgd)[~] ipfstat -o empty list for ipfilter(out) Why are the rules still empty? Of course, I am able to ping/whatever all the machines from the exterior, and the same with my machine. What am I doing wrong? Some more infos: (14:58) root@(bgd)[~] uname -a FreeBSD bgd.icomag.de 4.6-RELEASE FreeBSD 4.6-RELEASE #3: Wed Jul 10 14:42:21 CEST 2002 root@bgd.icomag.de:/usr/src/sys/compile/bgd i386 (14:59) root@(bgd)[~] ipf -V ipf: IP Filter: v3.4.27 (336) Kernel: IP Filter: v3.4.27 Running: yes Log Flags: 0 = none set Default: pass all, Logging: available Active list: 0 Thank you, bogdan ---------------------------- iCom Media AG Kirchweg 36 Koln, 50858 Germany Phone: +49-(0)221-485-689-16 Fax : +49-(0)221-485-689-20 Mobile:+49-(0)173-906-46-01 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020710145242.S89586-100000>