Date: Thu, 12 Oct 2006 18:49:51 +0100 From: "Spiros Papadopoulos" <spap13@googlemail.com> To: "Garrett Cooper" <youshi10@u.washington.edu>, keramida@ceid.upatras.gr, sales@webignite.net Cc: freebsd-questions@freebsd.org Subject: Re: Problems with ipfw and ssh Message-ID: <dab71e150610121049v48047136s6fdfc64217150eae@mail.gmail.com> In-Reply-To: <452E5EC9.5010206@u.washington.edu> References: <000101c6edb0$30dacaf0$0400a8c0@maf> <008f01c6edd0$3f520c40$0200a8c0@ChrisLaptop> <dab71e150610120215s46bec793q4e6edd00b4a55455@mail.gmail.com> <452E5EC9.5010206@u.washington.edu>
next in thread | previous in thread | raw e-mail | index | archive | help
Hi again, On 12/10/06, Garrett Cooper <youshi10@u.washington.edu> wrote: >Based on all the docs I've read about using ipfw, you should put >"ipfw allow all any from any via lo0" somewhere at the top of your >script so all traffic can and will be sent via lo0. I think you are talking about the line below, is this right? /sbin/ipfw -q add 50 allow all from any to any via lo0 It is there.. this is the first line to be met by packets in my /etc/ifpw.rules script it is also one of the default rules coming in /etc/rc.firewall script ...where i copied it from. On 12/10/06, *Chris - WEBignite* <sales@webignite.net> wrote: >I've actually just started seeing this same error. I do have a rule set for >local 127.0.0.1 and an allow for layer2 traffic. >Oct 11 23:59:02 firewall sshd[49200]: fatal: Write failed: Permission denied >I get this error when updating my firewall rules via ssh. Any current ssh >connections are dropped, but I'm able to reinitiate a new connection without >trouble. Could you please let me know what FreeBSD version you are using? On 12/10/06, *Giorgos Keramidas* <keramida@ceid.upatras.gr> wrote: >Yes. See above. The `ipfw -d show' command shown there was >after I looped using SSH from my workstation to another system >and back again. >> Sorry i will not be able to reply again tonight >No problem. Take your time. There is definitely a logical >explanation why this is happening, even if that explanation is >`there is a bug in ipfw and 5.4' :) I turned on the laptop and now everything is working again, as i initially described (I don't have a clue of what happened yesterday) I can ssh the machine as a normal user but cannot su to root. When trying, (from a win machine) with putty it freezes immediately after i enter the root password and the message below is produced on the freebsd box Oct 12 17:58:52 user sshd[838]: fatal: Write failed: Permission denied It is sshd that produces the above, but still i cannot identify what is it trying to do and why permission is denied. I have the option PermitRootLogins=No in my /etc/ssh/sshd_config file, but it was working properly before I enable ipfw Do you think it is a good idea to take ipfw out of the kernel and try enabling it from /etc/rc.conf? Anyway i think i should wait a little more before i proceed with this Do you think that this is a bug? Thanks in advance Spiros
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?dab71e150610121049v48047136s6fdfc64217150eae>