Date: Fri, 1 Feb 2002 13:21:47 -0600 (CST) From: Rob Zietlow <zietlow@securepipe.com> To: Hackers@freebsd.org Cc: James Housley <jim@thehousleys.net> Subject: Re: Possible bug in kernel w/pppoe & ipf ? Message-ID: <Pine.LNX.4.44.0202011319060.12073-100000@buttress.wi.securepipe.com> In-Reply-To: <3C5AE2C7.A441A760@Thehousleys.net>
next in thread | previous in thread | raw e-mail | index | archive | help
Ahh yes, I knew I forgot something, Thank you Jim. yes My rulest was both the original that worked before the DSL pppoe wackiness. I also had the same routing issues when my /etc/ipf.rules said: pass in all pass out all I still received the "no route to host" message. I also added into my rc.conf "ipfilter_rules="etc/ipf.rules" " as the rc.conf in /etc/defaults/rc.conf had listed in it. Rob Previously smacked into the keyboard > Rob Zietlow wrote: > > > > {snip} > > > would be able to do everything. I modified the GENERIC kernel slowly by > > taking out things I did not need and then adding things in that I wanted. > > My machine stopped working once I added in "option > > IPFILTER_DEFAULT_BLOCK" with this option enabled I had no routing, but > > with this taken out of the kernel or IPFILTER_DEFAULT_ALLOW I was able to > > see the net. I compared the routing tables and they were identical. > > > > Is this a bug that I ran into? Is this been something that's been > > documented but for whatever reason Google didn't bring it up? Just > > thought I would make others aware of it as well so they don't run into the > > same issue that I had. > > > > Okay. You have enabled ipf for firewalling. What are your rules for > ipf? Because with modifing them to allow packets to pass, of course > nothing will with IPFILTER_DEFAULT_BLOCK (deny all packets by default). > > If you do have a ipf rule set you will want to post that to hackers@ > > This is a private message in case I am way off base. > > Jim > -- Rob Zietlow Network Security Engineer SecurePipe Madison, WI (608)-294-6940 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.LNX.4.44.0202011319060.12073-100000>