Date: Tue, 25 Oct 2005 14:28:09 -0700 From: "Chris Odell" <list@rsnnv.com> To: "'John Fitzgerald'" <jjfitzgerald@gmail.com>, <freebsd-security@FreeBSD.org> Subject: RE: ipf stopped working on 5.3 Message-ID: <20051025212826.B315143D76@mx1.FreeBSD.org> In-Reply-To: <5e49673f0510251032w38312bb7kb082b15d97d00082@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
I had this same problem and found out there is a parimeter that needs to be added to the kernel config that was not needed previously. When I get back to my office, I will look it up and send it to you. Chris Odell -----Original Message----- From: owner-freebsd-security@freebsd.org [mailto:owner-freebsd-security@freebsd.org] On Behalf Of John Fitzgerald Sent: Tuesday, October 25, 2005 10:33 AM To: freebsd-security@FreeBSD.org Subject: ipf stopped working on 5.3 I've had ipf working on a few 5.3 servers for quite awhile. Not too long ago some developers had to do some coding work and were coming from dynamic IP's. I (reluctantly) opened up SSH to the world. Immediately I started seeing the attacks where bots of some sort would try to break in with a variety of different users. So, I (thought) I closed it up again and told the developers to use a dedicated proxy. They did, but I realized that I hadn't actually closed things off. I was still getting attacked. I had tried, but ipf suddenly wasn't working. Whenever I would change the firewall rules and ipf -D and the ipf -E -f /etc/my.rules it would simply return: 1:ioctl(add/insert rule): No such process I didn't have the time to look into it at the time, but am now trying to figure it out. Ipf is obviously not working and I don't know why. I have tried recompiling the kernel a myriad of different ways. With/without ipfw, with/without ipsec, etc. All to no avail. Is this a bug, did I get hacked? I have googled this quite a bit and the only thing that I found was possibly a buildworld scenario where something got updated and it doesn't work now. I didn't install src so I'm a bit out of luck on that one. FreeBSD 5.3-RELEASE OpenSSH_3.8.1p1 FreeBSD-20040419, OpenSSL 0.9.7d 17 Mar 2004 Cheers, JJ _______________________________________________ freebsd-security@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-security To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20051025212826.B315143D76>