Date: Tue, 06 Apr 2010 23:35:44 -0600 From: "Erich Jenkins, Fuujin Group Ltd" <erich@fuujingroup.com> To: Pawel Tyll <ptyll@nitronet.pl> Cc: freebsd-ipfw@freebsd.org Subject: Re: rule 00000. Message-ID: <4BBC19B0.8060304@fuujingroup.com> In-Reply-To: <1298035093.20100405114112@nitronet.pl> References: <1298035093.20100405114112@nitronet.pl>
next in thread | previous in thread | raw e-mail | index | archive | help
Pawel Tyll wrote: > Unfortunately FreeBSD 8.0-STABLE #0: Mon Apr 5 08:43:58 CEST 2010 > still has problems. > > ipfw show: > (...) > 65534 44262253 27617819701 allow ip from any to any > 00001 5335 405460 allow ip from me to any dst-port 123 > 00000 0 0 ip from any to any > > Anything I can do to help? > > > _______________________________________________ > freebsd-ipfw@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw > To unsubscribe, send any mail to "freebsd-ipfw-unsubscribe@freebsd.org" Pawel: My skin crawled the moment I read this post. Could you provide a bit more information about this issue? I manage a very large deployment of FreeBSD boxes which are geographically dispersed, and we've started upgrading them to the 8.0 release. My default policy is to deny everything but the services running, so I generally end with a "deny all" statement, and the last thing I want is to lock myself out and have to dispatch a technician... Is this problem localized to any particular architecture? (we have sparc64, amd64 and i386 servers deployed). Is this just the stable branch that's affected, or was this bug also in the ISO release? (I deploy via NFS/FTP/bootp from internal servers hosting the ISO images). Erich M. Jenkins Fuujin Group Limited "You should never, never doubt what no one is sure about." -- Gene Wilder
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4BBC19B0.8060304>