Date: Fri, 01 Feb 2002 14:31:53 -0500 From: James Housley <jim@thehousleys.net> To: Rob Zietlow <zietlow@securepipe.com> Cc: Hackers@freebsd.org Subject: Re: Possible bug in kernel w/pppoe & ipf ? Message-ID: <3C5AED29.B9E6C921@Thehousleys.net> References: <Pine.LNX.4.44.0202011319060.12073-100000@buttress.wi.securepipe.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Rob Zietlow wrote: > > Ahh yes, I knew I forgot something, Thank you Jim. yes My rulest was both > the original that worked before the DSL pppoe wackiness. I also had the > same routing issues when my /etc/ipf.rules said: > > pass in all > pass out all > > I still received the "no route to host" message. I also added into my > rc.conf "ipfilter_rules="etc/ipf.rules" " as the rc.conf in > /etc/defaults/rc.conf had listed in it. > I don't know if this is your problem or not, but.... I use IPFW so this may not be the same as ipf, it may also not exist any more for IPFW either. But I have 1 machine connected vie a cable modem and dhclient. I have another machine connected via DSL and PPPoE and dhclient. Both of these machines had to, might not be true any more but one is in a different country and don't want to mess with it, configure the kernel to IPFIREWALL_DEFAULT_TO_ACCEPT to ensure the dhclient could connect on boot. After that I load a more restrictive firewall. But my basic problem was that during boot, dhclient was being run before the firewall rules were being loaded. Again, I don't know if this is still the case. Jim -- /"\ ASCII Ribbon Campaign . \ / - NO HTML/RTF in e-mail . X - NO Word docs in e-mail . / \ ----------------------------------------------------------------- jeh@FreeBSD.org http://www.FreeBSD.org The Power to Serve jim@TheHousleys.Net http://www.TheHousleys.net jhousley@SimTel.Net http://www.SimTel.Net --------------------------------------------------------------------- "...there's no idea that's so good you can't ruin it with a few well-placed idiots." -- Charles Spickman To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3C5AED29.B9E6C921>