Date:      Wed, 26 Oct 2005 23:17:19 -0700
From:      ray@redshift.com
To:        John Fitzgerald <jjfitzgerald@gmail.com>
Cc:        freebsd-security@freebsd.org
Subject:   Re: ipf stopped working on 5.3
Message-ID:  <3.0.1.32.20051026231719.00a842c0@pop.redshift.com>
In-Reply-To: <5e49673f0510261012u3ebd85b7if50abd2bbed150f6@mail.gmail.com>
References:  <5e49673f0510261001o10ccb473m6c363d651fa78a6c@mail.gmail.com> <3.0.1.32.20051026094825.00d41100@pop.redshift.com> <5e49673f0510261001o10ccb473m6c363d651fa78a6c@mail.gmail.com>

At 01:12 PM 10/26/2005 -0400, John Fitzgerald wrote:
| Another strange symptom is that if I ipf -D and then ipf -E -f
| /etc/ipf.rules, my terminal (I'm remote) will freeze and I'll be forced to
| power cycle the server, after which time it will come back up (with no rules
| running). I'm assuming that after the ipf -E -f /etc/ipf.rules somehow the
| firewall stops all traffic since apache won't respond to web requests
| either.
| 
| As a side note, I did put the sshd server listening on an obscure port so it
| should take awhile for the bots to find it. The ipf.rules I left at 22 as a
| testament to it not working. However this obviously isn't a permanent
| solution as I should be able to get ipf working.

After you make changes to ipf.rules, you should restart ipf like this:

ipf -F a && ipf -f /etc/ipf.rules

-F will flush your old rules, whereas ipf -D will disable ipf.  Try the line
above and see if your SSH session remains active after you make changes, etc.

Ray
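
An added example, not part of the message above or of any FreeBSD script: one way to reload rules over a remote session so that a ruleset which cuts off SSH is reverted automatically. It goes beyond the one-liner above by using ipf's inactive set (-I) and swap (-s); the function name, confirm-file path and delay are assumptions.

```shell
#!/bin/sh
# Added example: reload IPFilter rules over SSH with automatic rollback.
# ipf(8) flags used: -n (make no kernel changes), -I (work on the inactive
# set), -F a (flush all rules), -f (load file), -s (swap active/inactive).

# safe_ipf_reload RULES CONFIRM_FILE DELAY_SECONDS   (hypothetical helper)
safe_ipf_reload() {
    rules=$1 confirm=$2 delay=$3

    # 1. Parse the file without touching the running filter.
    #    Assumption: ipf exits non-zero when the file does not parse.
    ipf -n -f "$rules" || { echo "parse failed; rules unchanged" >&2; return 1; }

    # 2. Build the new ruleset in the inactive set. The live rules stay in
    #    force, so there is no window with an empty or half-loaded list.
    ipf -I -F a -f "$rules" || { echo "load failed; rules unchanged" >&2; return 1; }

    # 3. Arm the rollback before switching over.
    rm -f "$confirm"
    (
        trap '' HUP                    # keep running if the SSH session dies
        sleep "$delay"
        [ -e "$confirm" ] || ipf -s    # never confirmed: put the old set back
    ) &

    # 4. Activate the new set; the previous rules become the inactive set.
    ipf -s
}

# Usage, as root (paths and delay are examples):
#   safe_ipf_reload /etc/ipf.rules /var/run/ipf.confirmed 120
# then, from a NEW SSH login within 120 seconds:
#   touch /var/run/ipf.confirmed
```

Confirming from a fresh login rather than the existing session shows that the new rules admit new connections, not only ones already in the state table.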