From owner-freebsd-stable  Tue Jul 17 23:55:18 2001
Delivered-To: freebsd-stable@freebsd.org
Received: from voyager.myzona.net (dsl027-179-063.sfo1.dsl.speakeasy.net [216.27.179.63])
	by hub.freebsd.org (Postfix) with ESMTP id C0AEC37B401
	for <freebsd-stable@freebsd.org>; Tue, 17 Jul 2001 23:55:15 -0700 (PDT)
	(envelope-from alex@myzona.net)
Received: from parkson (adsl-64-172-25-69.dsl.sntc01.pacbell.net [64.172.25.69])
	by voyager.myzona.net (8.11.4/8.11.4) with SMTP id f6I6pi909957
	for <freebsd-stable@freebsd.org>; Tue, 17 Jul 2001 23:51:44 -0700 (PDT)
	(envelope-from alex@myzona.net)
Message-ID: <000701c10f56$34e1c560$9601a8c0@parkson>
Reply-To: "Alex M" <alex@myzona.net>
From: "Alex M" <alex@myzona.net>
To: "FreeBSD STABLE" <freebsd-stable@freebsd.org>
Subject: ipfw not running custom rulesets
Date: Tue, 17 Jul 2001 23:52:25 -0700
MIME-Version: 1.0
Content-Type: text/plain;
	charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2479.0006
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2479.0006
Sender: owner-freebsd-stable@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-stable.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-stable>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-stable>
X-Loop: FreeBSD.ORG

Hello All,

I have cvsuped to -stable on Jul 7, after the system seemed ok, I have built
a custom kernel with IPFIREWALL and IPFIREWALL_DEFAULT_TO_ACCEPT options in
it.

Now, on 4.2-R it was ok, but on 4.3-S somewhy ipfw refuses to run my custom
ruleset on boot up.

voyager# cat /etc/rc.conf | grep firewall
firewall_enable="YES"
firewall_script="/etc/rc.firewall"
firewall_type="/etc/ipfw.rules"
firewall_quiet="YES"

voyager# cat /etc/ipfw.rules
/sbin/ipfw -f flush
/sbin/ipfw add 2 prob 0.5 deny icmp from any to any in icmptypes 8
/sbin/ipfw add 150 deny tcp from any to any 111,587,3306
/sbin/ipfw add 151 deny udp from any to any 111,587,3306

So i have to load these rules manually.
Any ideas?

Another thing is, where also on -release it was ok, and in -stable cron
behaves strangely, when it runs some job from /etc/crontab, the process
cron: running job (cron) just stucks in 'ps aux'.

Thanks.

-=-=-=-
Regards,

Alex M aka TZapper
alex@myzona.net



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-stable" in the body of the message