Date: Fri, 1 Feb 2002 13:41:08 -0600 (CST) From: Rob Zietlow <zietlow@securepipe.com> To: James Housley <jim@thehousleys.net> Cc: hackers@freebsd.org Subject: Re: Possible bug in kernel w/pppoe & ipf ? Message-ID: <Pine.LNX.4.44.0202011336100.12073-100000@buttress.wi.securepipe.com> In-Reply-To: <3C5AED29.B9E6C921@Thehousleys.net>
next in thread | previous in thread | raw e-mail | index | archive | help
Previously smacked into the keyboard > I don't know if this is your problem or not, but.... > > I use IPFW so this may not be the same as ipf, it may also not exist any > more for IPFW either. But I have 1 machine connected vie a cable modem > and dhclient. I have another machine connected via DSL and PPPoE and > dhclient. Both of these machines had to, might not be true any more but > one is in a different country and don't want to mess with it, configure > the kernel to IPFIREWALL_DEFAULT_TO_ACCEPT to ensure the dhclient could > connect on boot. After that I load a more restrictive firewall. But my > basic problem was that during boot, dhclient was being run before the > firewall rules were being loaded. Again, I don't know if this is still > the case. > > Jim > It was pulling an IP address for my DSL provider even with ipf commented out in the rc.conf I would still have issues of "no route to host" From my reading into IPF and playing with it before the pppoe I was still able to talk to local interfaces. when I originally made up my ruleset I started out with "Block all" and went from there and those early days I was able to talk to local hosts from the local machine. This was back in June when I first got my cable modem -- Rob Zietlow Network Security Engineer SecurePipe Madison, WI (608)-294-6940 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.LNX.4.44.0202011336100.12073-100000>