Skip site navigation (1)Skip section navigation (2)
Date:      Wed, 1 Oct 2014 15:03:53 -0700
From:      Michael Sierchio <>
To:        John Case <>
Cc:        FreeBSD Questions <>
Subject:   Re: Locked out of FreeBSD EC2 image - trying to figure out why ...
Message-ID:  <>
In-Reply-To: <>
References:  <>

Next in thread | Previous in thread | Raw E-Mail | Index | Archive | Help
On Wed, Oct 1, 2014 at 2:23 PM, John Case <> wrote:
> I added this ipfw line to my ec2 image and then rebooted it, and am unable
> to connect over the network now:
> deny ip from,, to any
> deny ip from,,,,
> to any
> The private IP that my instance uses is in the 172.31.xx.xx block, so is it
> my blocking of that is causing the problem ?

Yes. DHCP responses will come from an RFC1918 network, for example.
This is naive and really unnecessary - just use an appropriate EC2
security policy.  If you insist on using ipfw, you'll need to improve
your understanding of how things work.

Also - an elastic IP will not persist across stopping and starting an
instance, and you should associate it using a script inside the
instance when it starts.

- M

Want to link to this message? Use this URL: <>