Date: Tue, 07 May 2002 07:08:19 -0400 From: Bill Moran <wmoran@potentialtech.com> To: mehrdad nosrati <mehrdad_b@hotmail.com> Cc: freebsd-questions@FreeBSD.ORG Subject: Re: help Plz. Message-ID: <3CD7B5A3.2070805@potentialtech.com> References: <F101oKIRmgMU9iT6b7M0000d753@hotmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
mehrdad nosrati wrote: > 2)I want to use "ipfw" utility so I've added the following option to > it's kernel.Are them correct?If not what's the correct? > options IPFIREWALL > options IPFIREWALL_VERBOSE > options "IPFIREWALL_VERBOSE_LIMIT"=1000 > options IPFIREWALL_DEFAULT_TO_ACCEPT > config kernel root on wd0 Did you build and install the kernel and reboot according to these instructions: http://www.freebsd.org/handbook/kernelconfig.html Did you then insert to the proper ipfw config lines in /etc/rc.conf, see "man rc.conf". Something like the following will get you started: firewall_enable="yes" firewall_type="open" Note that the "open" type isn't very secure, but you'll have to research /etc/rc.firewall before you can really use any of the more secure firewall types. > 3)The following error message is another problem: > icmp-response bandwidth limit 420/200 pps > icmp-response bandwidth limit 420/200 pps > icmp-response bandwidth limit 420/200 pps This is not really an "error". The system is designed to limit the rate at wich it replies to ICMP messages (commonly "ping") to prevent DoS attacks and other types of problems. You'll see this message if you or someone else tries to ping flood the machine, or port scan it with something like nmap. If you're not the one doing this, then you have some sort of troublemaker on the network messing with the machine. -- Bill Moran Potential Technology http://www.potentialtech.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3CD7B5A3.2070805>