From owner-freebsd-stable Tue Sep 10 23:26:25 2002 Delivered-To: freebsd-stable@freebsd.org Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 7F2BC37B400 for ; Tue, 10 Sep 2002 23:26:21 -0700 (PDT) Received: from dart.sr.se (dart.sr.se [134.25.0.132]) by mx1.FreeBSD.org (Postfix) with ESMTP id A3D4543E4A for ; Tue, 10 Sep 2002 23:26:19 -0700 (PDT) (envelope-from gunnar@oldie.sr.se) Received: from honken.sr.se (honken.sr.se [134.25.128.27]) by dart.sr.se (8.11.6/8.11.6) with ESMTP id g8B6QIM42767; Wed, 11 Sep 2002 08:26:18 +0200 (CEST) (envelope-from gunnar@oldie.sr.se) Received: from oldie.sr.se (oldie [134.25.200.100]) by honken.sr.se (8.12.3/8.12.3) with ESMTP id g8B6QIAX070204; Wed, 11 Sep 2002 08:26:18 +0200 (CEST) (envelope-from gunnar@oldie.sr.se) Received: from oldie.sr.se (localhost [127.0.0.1]) by oldie.sr.se (8.12.5/8.12.5) with ESMTP id g8B6QHSX046810; Wed, 11 Sep 2002 08:26:17 +0200 (CEST) (envelope-from gunnar@oldie.sr.se) Received: (from gunnar@localhost) by oldie.sr.se (8.12.5/8.12.5/Submit) id g8B6QHHV046809; Wed, 11 Sep 2002 08:26:17 +0200 (CEST) Date: Wed, 11 Sep 2002 08:26:17 +0200 From: Gunnar Flygt To: Mikael Eriksson Cc: FreeBSD Stable Subject: Re: SV: ipf troubles when upgrading from 4.6-RELEASE -> 4.6.2-RELEASE Message-ID: <20020911082617.B46769@sr.se> Reply-To: Gunnar Flygt Mail-Followup-To: Gunnar Flygt , Mikael Eriksson , FreeBSD Stable References: <20020910124942.A41801@sr.se> <000201c25905$6d5300e0$0364a8c0@p1400> Mime-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Disposition: inline Content-Transfer-Encoding: 8bit User-Agent: Mutt/1.2.5.1i In-Reply-To: <000201c25905$6d5300e0$0364a8c0@p1400>; from master33@linux.nu on Tue, Sep 10, 2002 at 10:05:30PM +0200 Sender: owner-freebsd-stable@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On Tue, Sep 10, 2002 at 10:05:30PM +0200, Mikael Eriksson wrote: > Hi! > I noticed, when going from 4.4-RELEASE -> 4.6.2-RELEASE, > that my settings in '/etc/rc.local' didn't work. > I had to remove "-f" from > ipfilter_program="/sbin/ipf -Fa -f" Most likely not to work since the -f switch is to point out which rukes file to use. From man ipf -f This option specifies which files ipf should use to get input from for modifying the packet filter rule lists. so I run ipf with `ipf -Fa -f /etc/ipf.rules` > to > ipfilter_program="/sbin/ipf -Fa" > Having "IPFILTER_DEFAULT_BLOCK" set in kernel, > of course, resulted in blocked traffic when ipf > didn't start properly. > I hope this will be of some help for You. > ******************************************** > Mikael Eriksson > ******************************************** > > -> -----Ursprungligt meddelande----- > -> Från: owner-freebsd-stable@FreeBSD.ORG > -> [mailto:owner-freebsd-stable@FreeBSD.ORG] För Gunnar Flygt > -> Skickat: den 10 september 2002 12:50 > -> Till: FreeBSD Stable > -> Ämne: ipf troubles when upgrading from 4.6-RELEASE -> 4.6.2-RELEASE > -> > -> > -> I upgraded from 4.6-RELEASE -> 4.6.2-RELEASE cvsuped last > -> Friday. After the buildworld, kernelmake, installworld and > -> mergemaster, ipf blocks all traffic tthru the box. The > -> ipf-rules file is the same as before the upgrade. Are there > -> any changes to ipf concerning syntax or rule order between > -> these releases? > -> > -> > -> -- > -> Gunnar Flygt, Postmaster SR > -> > -> To Unsubscribe: send mail to majordomo@FreeBSD.org > -> with "unsubscribe freebsd-stable" in the body of the message > -> > > -- Gunnar Flygt, Postmaster SR To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message