Date: Fri, 1 Feb 2002 13:21:47 -0600 (CST) From: Rob Zietlow <zietlow@securepipe.com> To: Hackers@freebsd.org Cc: James Housley <jim@thehousleys.net> Subject: Re: Possible bug in kernel w/pppoe & ipf ? Message-ID: <Pine.LNX.4.44.0202011319060.12073-100000@buttress.wi.securepipe.com> In-Reply-To: <3C5AE2C7.A441A760@Thehousleys.net>
next in thread | previous in thread | raw e-mail | index | archive | help
Ahh yes, I knew I forgot something, Thank you Jim. yes My rulest was both
the original that worked before the DSL pppoe wackiness. I also had the
same routing issues when my /etc/ipf.rules said:
pass in all
pass out all
I still received the "no route to host" message. I also added into my
rc.conf "ipfilter_rules="etc/ipf.rules" " as the rc.conf in
/etc/defaults/rc.conf had listed in it.
Rob
Previously smacked into the keyboard
> Rob Zietlow wrote:
> >
>
> {snip}
>
> > would be able to do everything. I modified the GENERIC kernel slowly by
> > taking out things I did not need and then adding things in that I wanted.
> > My machine stopped working once I added in "option
> > IPFILTER_DEFAULT_BLOCK" with this option enabled I had no routing, but
> > with this taken out of the kernel or IPFILTER_DEFAULT_ALLOW I was able to
> > see the net. I compared the routing tables and they were identical.
> >
> > Is this a bug that I ran into? Is this been something that's been
> > documented but for whatever reason Google didn't bring it up? Just
> > thought I would make others aware of it as well so they don't run into the
> > same issue that I had.
> >
>
> Okay. You have enabled ipf for firewalling. What are your rules for
> ipf? Because with modifing them to allow packets to pass, of course
> nothing will with IPFILTER_DEFAULT_BLOCK (deny all packets by default).
>
> If you do have a ipf rule set you will want to post that to hackers@
>
> This is a private message in case I am way off base.
>
> Jim
>
--
Rob Zietlow
Network Security Engineer
SecurePipe
Madison, WI (608)-294-6940
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-hackers" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.LNX.4.44.0202011319060.12073-100000>