Date:      Thu, 21 Oct 1999 23:23:18 -0400
From:      Jerry Bell <jerry@bellnetworks.net>
To:        Lists User <lists@rhavenn.net>
Cc:        freebsd-questions@FreeBSD.ORG
Subject:   Re: IPFW is acting funny...
Message-ID:  <380FD8A6.86BC123D@bellnetworks.net>
References:  <3.0.6.32.19991021215338.0091f3b0@mail.trlinks.com>

The problem is that the traffic is not matching your rules, since you
are also specifying a source port.  Try this:
$ipfw add deny udp from 172.20.20.15 1024-65535 to 172.20.20.12 137    
$ipfw add deny udp from 172.20.20.15 1024-65535 to 172.20.20.12 138 
or just 
$ipfw add deny udp from 172.20.20.15 to 172.20.20.12 137    
$ipfw add deny udp from 172.20.20.15 to 172.20.20.12 138 

When connections are established, an ephemeral port is assigned on the
initiating side (in the range of 1024-65535).

There is a bit more info at http://www.bellnetworks.net/cs 

Hope this helps.

Jerry

Lists User wrote:
> 
> Hello List-
> 
>    Well, more than likely I am not understanding IPFW correctly, but here
> is my problem:
> 
> I have the IPFIREWALL, etc.. on in the kernel and my firewall works, but I
> am trying to keep my local
> computers and routers from filling my logs, so I put a line in before my
> last one which should deny
> certain local requests, but not log them.
> 
> #Before the last line
> $ipfw add deny udp from 172.20.20.15 137 to 172.20.20.12 137     #This is a Win98 box to my NIX box
> $ipfw add deny udp from 172.20.20.15 138 to 172.20.20.12 138
> 
> #My last lines.
> $ipfw add deny log tcp from any to any
> $ipfw add deny log udp from any to any
> 
> My question/problem is that these requests still get logged and fill up my
> log file with junk. I thought
> if a deny matched it would terminate, but it keeps going and logs the
> requests? In my log file it shows
> up exactly like the deny requests above it.
> 
> Am I missing something?
> 
> Thanks! I am on the digest list, but could you email me separately if you
> have an answer :)
> 
> Henrik
> lists@rhavenn.net
> 
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-questions" in the body of the message
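
Added example (not part of the original thread, and not ipfw's own code): a minimal Python model of first-match rule evaluation for the small subset of ipfw rule syntax used in this exchange, showing which rule a packet lands on under the original rules and under the corrected ones. The parser, the packet dictionary and the source port 1027 are constructed for illustration.

```python
import ipaddress

def parse_ports(tok):
    # '137' or '1024-65535' -> inclusive (lo, hi)
    lo, _, hi = tok.partition("-")
    return int(lo), int(hi or lo)

def parse_rule(text):
    # Handles only: <action> [log] <proto> from <addr> [ports] to <addr> [ports]
    t = text.split()
    rule = {"text": text, "log": "log" in t}
    t = [w for w in t if w != "log"]
    rule["action"], rule["proto"] = t[0], t[1]
    t = t[2:]
    for side, stop in (("src", "to"), ("dst", None)):
        t.pop(0)                      # consume 'from' / 'to'
        rule[side] = t.pop(0)
        has_ports = bool(t) and t[0] != stop
        rule[side + "_ports"] = parse_ports(t.pop(0)) if has_ports else None
    return rule

def addr_ok(spec, ip):
    return spec == "any" or ipaddress.ip_address(ip) in ipaddress.ip_network(spec)

def port_ok(rng, port):
    # A rule with no port spec matches every port.
    return rng is None or rng[0] <= port <= rng[1]

def first_match(rules, pkt):
    # Rules are checked in order; the first one whose every field matches wins.
    for r in rules:
        if (r["proto"] == pkt["proto"]
                and addr_ok(r["src"], pkt["src"]) and port_ok(r["src_ports"], pkt["sport"])
                and addr_ok(r["dst"], pkt["dst"]) and port_ok(r["dst_ports"], pkt["dport"])):
            return r
    return None

CATCH_ALL = ["deny log tcp from any to any", "deny log udp from any to any"]
ORIGINAL = [parse_rule(r) for r in [
    "deny udp from 172.20.20.15 137 to 172.20.20.12 137",
    "deny udp from 172.20.20.15 138 to 172.20.20.12 138"] + CATCH_ALL]
CORRECTED = [parse_rule(r) for r in [
    "deny udp from 172.20.20.15 to 172.20.20.12 137",
    "deny udp from 172.20.20.15 to 172.20.20.12 138"] + CATCH_ALL]
# Constructed packet: source port 1027 stands in for an ephemeral port.
PKT = {"proto": "udp", "src": "172.20.20.15", "sport": 1027,
       "dst": "172.20.20.12", "dport": 137}

if __name__ == "__main__":
    for name, rules in (("original", ORIGINAL), ("corrected", CORRECTED)):
        hit = first_match(rules, PKT)
        print(f"{name}: matched '{hit['text']}' logged={hit['log']}")
```

On a live system, the per-rule packet counters printed by `ipfw show` answer the same question: the rule whose counter increases is the one the traffic is matching.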

