Skip site navigation (1)Skip section navigation (2)
Date:      Fri, 5 Apr 2002 01:26:27 +0300
From:      "Razvan Cremenescu" <cremenescu@terrasat.ro>
To:        "'ozkan_kirik'" <ozkan_kirik@yahoo.com>
Cc:        <freebsd-stable@FreeBSD.ORG>
Subject:   RE: IpFilter / IpFireWall
Message-ID:  <!~!UENERkVCMDkAAQACAAAAAAAAAAAAAAAAABgAAAAAAAAAI40GHvEUg0SjdaKTdhTSasKAAAAQAAAAiDUXCtjJ1kapgWbvNnsxLwEAAAAA@terrasat.ro>
In-Reply-To: <a8ii7f+9qbc@eGroups.com>

Next in thread | Previous in thread | Raw E-Mail | Index | Archive | Help
you should look in LINT file

in addition to this : 
options   IPFILTER
options   IPFILTER_LOG
options   IPFIREWALL
options   IPFIREWALL_VERBOSE
options   IPFIREWALL_VERBOSE_LIMIT=10


i have something like this and it works just fine...

options IPFILTER
options IPFIREWALL
options IPFIREWALL_DEFAULT_TO_ACCEPT
options IPFIREWALL_VERBOSE
options DUMMYNET
options IPDIVERT
options BRIDGE


options IPFIREWALL_DEFAULT_TO_ACCEPT --  this is the most important one
in the kernel file,
otherwise you would lock yourself out.

again, check LINT for more information.



Razvan Cremenescu,

=================================
Network Operations Center Pitesti

e-mail: cremenescu@terrasat.ro
Tel:    +40-48-250015 int. 25
        +40-48-251112 int. 25
Mobile: +40-92-685805
=================================
Terra Sat Comp
Resita 1700 CS, Romania
http://www.terrasat.ro
company@terrasat.ro 
Tel:    +40-55-220012
        +40-55-220013
Fax:    +40-55-220117
=================================

-----Original Message-----
From: owner-freebsd-security@FreeBSD.ORG
[mailto:owner-freebsd-security@FreeBSD.ORG] On Behalf Of ozkan_kirik
Sent: Friday, April 05, 2002 12:57 AM
To: freebsd-security@freebsd.org
Subject: IpFilter / IpFireWall


i am new to FreeBSD. 
i use freebsd v4.5 Release #0.

i am trying to setup an firewall.
but i couldnt block or pass any IP.
i think i have a mistake about my IPF&IPFW settings.

in my kernel:
options   IPFILTER
options   IPFILTER_LOG
options   IPFIREWALL
options   IPFIREWALL_VERBOSE
options   IPFIREWALL_VERBOSE_LIMIT=10

but my rules doesnt work.
for example:
# ipfw add deny tcp from 193.255.128.250 to any
**answer is:
ipfw: getsockopt(IP_FW_ADD): Protocol not available

when i saw this error i get crazy

Plx help me...
With my best regards.
Ozkan KIRIK


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-stable" in the body of the message




Want to link to this message? Use this URL: <http://docs.FreeBSD.org/cgi/mid.cgi?!~!UENERkVCMDkAAQACAAAAAAAAAAAAAAAAABgAAAAAAAAAI40GHvEUg0SjdaKTdhTSasKAAAAQAAAAiDUXCtjJ1kapgWbvNnsxLwEAAAAA>