From owner-freebsd-questions Thu Oct 21 20:27:18 1999
Delivered-To: freebsd-questions@freebsd.org
Received: from wally.bellnetworks.net (www.bellnetworks.net [216.214.153.70]) by hub.freebsd.org (Postfix) with ESMTP id 320A314D41 for ; Thu, 21 Oct 1999 20:27:09 -0700 (PDT) (envelope-from jerry@bellnetworks.net)
Received: from bellnetworks.net (alice.bellnetworks.net [216.214.153.74]) by wally.bellnetworks.net (8.9.3/8.9.3) with ESMTP id XAA99547; Thu, 21 Oct 1999 23:26:16 -0400 (EDT) (envelope-from jerry@bellnetworks.net)
Message-ID: <380FD8A6.86BC123D@bellnetworks.net>
Date: Thu, 21 Oct 1999 23:23:18 -0400
From: Jerry Bell
X-Mailer: Mozilla 4.6 [en] (WinNT; I)
X-Accept-Language: en
MIME-Version: 1.0
To: Lists User
Cc: freebsd-questions@FreeBSD.ORG
Subject: Re: IPFW is acting funny...
References: <3.0.6.32.19991021215338.0091f3b0@mail.trlinks.com>
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

The problem is that the traffic is not matching your rules, since you are also specifying a source port. Try this:

$ipfw add deny udp from 172.20.20.15 1024-65535 to 172.20.20.12 137
$ipfw add deny udp from 172.20.20.15 1024-65535 to 172.20.20.12 138

or just

$ipfw add deny udp from 172.20.20.15 to 172.20.20.12 137
$ipfw add deny udp from 172.20.20.15 to 172.20.20.12 138

When connections are established, an ephemeral port is assigned on the initiating side (in the range of 1024-65535). There is a bit more info at http://www.bellnetworks.net/cs

Hope this helps.

Jerry

Lists User wrote:
>
> Hello List-
>
> Well, more than likely I am not understanding IPFW correctly, but here
> is my problem:
>
> I have the IPFIREWALL, etc.. on in the kernel and my firewall works, but I
> am trying to keep my local computers and routers from filling my logs,
> so I put a line in before my last one which should deny certain local
> requests, but not log them.
>
> #Before the last line
> $ipfw add deny udp from 172.20.20.15 137 to 172.20.20.12 137 #This is a Win98 box to my NIX box
> $ipfw add deny udp from 172.20.20.15 138 to 172.20.20.12 138
>
> #My last lines.
> $ipfw add deny log tcp from any to any
> $ipfw add deny log udp from any to any
>
> My question/problem is that these requests still get logged and fill up my
> log file with junk. I thought if a deny matched it would terminate, but it
> keeps going and logs the requests? In my log file it shows up exactly like
> the deny requests above it.
>
> Am I missing something?
>
> Thanks! I am on the digest list, but could you email me separately if you
> have an answer :)
>
> Henrik
> lists@rhavenn.net
>
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-questions" in the body of the message
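To make the first-match behaviour in this thread concrete, here is an added example that is not part of the original exchange and is not ipfw itself: a small Python evaluator for the rule subset used above (deny/allow, optional log, protocol, source and destination address with optional port or port range). It assumes, as a simplification, that rules added without a number get 100, 200, ... in order and that an unmatched packet falls to a non-logging default deny; the sample packet with ephemeral source port 1033 is constructed. Running it shows why Henrik's source-port-specific rules are skipped and the packet reaches the `deny log` rule, while Jerry's rules without a source port catch it silently.

```python
"""Toy first-match evaluator for ipfw-style rules (added example, not ipfw).

ipfw walks rules in ascending number order and the first matching rule decides.
A rule that names a source port matches only packets with that exact source port
(or range), so a client using an ephemeral port never hits such a rule.
"""
from dataclasses import dataclass
from typing import List, Optional, Tuple

PortRange = Optional[Tuple[int, int]]   # None means "any port"


@dataclass(frozen=True)
class Rule:
    number: int
    action: str           # "deny" or "allow"
    log: bool
    proto: str            # "udp", "tcp" or "ip" (ip matches any protocol)
    src: Optional[str]    # None means "any"
    sport: PortRange
    dst: Optional[str]
    dport: PortRange


@dataclass(frozen=True)
class Packet:
    proto: str
    src: str
    sport: int
    dst: str
    dport: int


def _parse_ports(tok: str) -> PortRange:
    """'137' -> (137, 137); '1024-65535' -> (1024, 65535)."""
    lo, _, hi = tok.partition("-")
    return (int(lo), int(hi) if hi else int(lo))


def parse_rule(number: int, text: str) -> Rule:
    """Parse 'ACTION [log] PROTO from SRC [PORTS] to DST [PORTS]'."""
    toks = text.split()
    action = toks.pop(0)
    log = toks[0] == "log"
    if log:
        toks.pop(0)
    proto = toks.pop(0)
    assert toks.pop(0) == "from"
    src = None if toks[0] == "any" else toks[0]
    toks.pop(0)
    sport = None if toks[0] == "to" else _parse_ports(toks.pop(0))
    assert toks.pop(0) == "to"
    dst = None if toks[0] == "any" else toks[0]
    toks.pop(0)
    dport = _parse_ports(toks.pop(0)) if toks else None
    return Rule(number, action, log, proto, src, sport, dst, dport)


def matches(rule: Rule, pkt: Packet) -> bool:
    """Every field named in the rule must match; unnamed fields are wildcards."""
    if rule.proto != "ip" and rule.proto != pkt.proto:
        return False
    if rule.src is not None and rule.src != pkt.src:
        return False
    if rule.dst is not None and rule.dst != pkt.dst:
        return False
    if rule.sport is not None and not (rule.sport[0] <= pkt.sport <= rule.sport[1]):
        return False
    if rule.dport is not None and not (rule.dport[0] <= pkt.dport <= rule.dport[1]):
        return False
    return True


def evaluate(ruleset: List[str], pkt: Packet) -> Tuple[int, str, bool]:
    """Return (rule number, action, logged?) for the first matching rule.

    Assumption: rules are auto-numbered 100, 200, ... in the order given, and a
    packet matching nothing hits an implicit non-logging default deny (65535).
    """
    rules = [parse_rule(100 * (i + 1), t) for i, t in enumerate(ruleset)]
    for rule in rules:
        if matches(rule, pkt):
            return rule.number, rule.action, rule.log
    return 65535, "deny", False


# Henrik's rules as posted: a source port of 137/138 is required to match.
ORIGINAL = [
    "deny udp from 172.20.20.15 137 to 172.20.20.12 137",
    "deny udp from 172.20.20.15 138 to 172.20.20.12 138",
    "deny log tcp from any to any",
    "deny log udp from any to any",
]

# Jerry's suggestion: no source port, so the ephemeral port is irrelevant.
SUGGESTED = [
    "deny udp from 172.20.20.15 to 172.20.20.12 137",
    "deny udp from 172.20.20.15 to 172.20.20.12 138",
    "deny log tcp from any to any",
    "deny log udp from any to any",
]

# Constructed sample packet: ephemeral source port 1033 to NetBIOS name service.
EPHEMERAL = Packet("udp", "172.20.20.15", 1033, "172.20.20.12", 137)

if __name__ == "__main__":
    for name, rs in (("original", ORIGINAL), ("suggested", SUGGESTED)):
        num, action, logged = evaluate(rs, EPHEMERAL)
        print(f"{name}: rule {num} {action}, logged={logged}")
```

The same evaluator also shows that a packet which really does use source port 137 would have matched Henrik's first rule, so whether the quiet rule fires depends entirely on the source port the client picks; omitting the source port, as Jerry suggests, removes that dependency.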