Date: Tue, 17 Dec 2002 10:32:40 -0300 (ART) From: Fernando Gleiser <fgleiser@cactus.fi.uba.ar> To: =?iso-8859-1?q?Keith=20Spencer?= <bsd2000au@yahoo.com.au> Cc: fbsd <freebsd-questions@freebsd.org> Subject: Re: ipf -> IPFILTER_DEFAULT_BLOCK ...This is not working as predicted! Help? Message-ID: <20021217102839.C52840-100000@cactus.fi.uba.ar> In-Reply-To: <20021217122916.61123.qmail@web12002.mail.yahoo.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, 17 Dec 2002, Keith Spencer wrote: > Hi all, > Marty Schlacter is obviously the man. I am following > his firewall tute religiously but I am doing something > wrong! > I have an ipf.rules EXACTLY like his. Works a > treat...but only if I remove the kernel > ipfilter_default_block option. > If it is in there...it blocks way too well. > Everything. > What is going on here or has Marty got it all wrong? Are you using the 'quick' keyword? If you don't, ipf uses a last-match checking, and the last rule is 'block all' See the IPF HOWTO for details. Fer > Thanks Keith > > http://greetings.yahoo.com.au - Yahoo! Greetings > - Send your seasons greetings online this year! > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-questions" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20021217102839.C52840-100000>