Date: Tue, 10 Jul 2001 18:31:09 -0700 (PDT)
From: Erik Ebert
Reply-To: eebert@alumni.caltech.edu
Subject: Re: Cant ping/nslookup
To: Francisco Reyes
Cc: FreeBSD Security List

--- Francisco Reyes wrote:
> On Tue, 10 Jul 2001, Dru wrote:
>
> > Hi Francisco,
> >
> > I don't see any rules to allow UDP.
>
> I have some rules. I thought I would only include the "deny" clauses to
> show that they all had the "log" option yet nothing was coming up on
> /var/log/security.
> . . .
> 65535 0 0 deny ip from any to any

The default rule, 65535, which gets added automatically by the kernel or something, does not have the log option on. That is almost certainly the rule that is getting hit.

What I do is add a rule like:

65534 deny log ip from any to any

to catch anything before the default rule kicks in.

-- Erik
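
A way to check a ruleset for the situation described in the message above, as an added example that is not part of the original message: it reads `ipfw -a list` output (rule number, packet count, byte count, rule body, as in the quoted 65535 line) and reports deny rules that are matching packets without the `log` keyword. The sample ruleset is constructed and the function names are hypothetical.

```shell
#!/bin/sh
# Added example: find ipfw deny rules that drop packets without logging them.
# Input format assumed: `ipfw -a list` (rule number, packets, bytes, rule body).

# Constructed sample ruleset; only the shape of the 65535 line comes from the thread.
sample_rules() {
    cat <<'EOF'
00100  1200  96000 allow ip from any to any via lo0
00200     0      0 deny log ip from any to 127.0.0.0/8
00300   845  67600 allow tcp from any to any established
00400    12    720 deny log tcp from any to any 23
00500     7    420 deny udp from any to any 137
65535    42   3192 deny ip from any to any
EOF
}

# Print "rule packets" for every deny rule that lacks "log" and has a
# non-zero packet counter, i.e. traffic that is being dropped silently.
silent_drops() {
    awk '$4 == "deny" && $5 != "log" && $2 + 0 > 0 { printf "%d %d\n", $1, $2 }'
}

# Exit 0 if a "deny log ip from any to any" catch-all sits below rule 65535,
# so that packets are logged before they reach the default rule.
has_logging_catchall() {
    awk '
        $1 + 0 < 65535 && $4 == "deny" && $5 == "log" {
            body = $0
            # Strip rule number and the two counters.
            sub(/^[ \t]*[0-9]+[ \t]+[0-9]+[ \t]+[0-9]+[ \t]+/, "", body)
            # Strip the log keyword and an optional logamount limit.
            sub(/ log( logamount [0-9]+)?/, "", body)
            if (body == "deny ip from any to any") found = 1
        }
        END { exit !found }'
}

# On a FreeBSD host (as root): ipfw -a list | silent_drops
sample_rules | silent_drops
if sample_rules | has_logging_catchall; then
    echo "logging catch-all present"
else
    echo "no logging catch-all: add e.g. 65534 deny log ip from any to any"
fi
```
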