From owner-freebsd-stable Thu Apr 4 14:27:21 2002 Delivered-To: freebsd-stable@freebsd.org Received: from terrasat.ro (lc0.terrasat.ro [81.18.64.17]) by hub.freebsd.org (Postfix) with ESMTP id C09EF37B417 for ; Thu, 4 Apr 2002 14:27:13 -0800 (PST) Received: from razvan (razvan.pi.terrasat.ro [81.18.69.76]) by terrasat.ro (Vircom SMTPRS 4.3.182) with ESMTP id ; Fri, 5 Apr 2002 01:27:11 +0300 From: "Razvan Cremenescu" To: "'ozkan_kirik'" Cc: Subject: RE: IpFilter / IpFireWall Date: Fri, 5 Apr 2002 01:26:27 +0300 Message-ID: MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook, Build 10.0.2616 Importance: Normal X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000 In-Reply-To: Disposition-Notification-To: "Razvan Cremenescu" Sender: owner-freebsd-stable@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG you should look in LINT file in addition to this : options IPFILTER options IPFILTER_LOG options IPFIREWALL options IPFIREWALL_VERBOSE options IPFIREWALL_VERBOSE_LIMIT=10 i have something like this and it works just fine... options IPFILTER options IPFIREWALL options IPFIREWALL_DEFAULT_TO_ACCEPT options IPFIREWALL_VERBOSE options DUMMYNET options IPDIVERT options BRIDGE options IPFIREWALL_DEFAULT_TO_ACCEPT -- this is the most important one in the kernel file, otherwise you would lock yourself out. again, check LINT for more information. Razvan Cremenescu, ================================= Network Operations Center Pitesti e-mail: cremenescu@terrasat.ro Tel: +40-48-250015 int. 25 +40-48-251112 int. 25 Mobile: +40-92-685805 ================================= Terra Sat Comp Resita 1700 CS, Romania http://www.terrasat.ro company@terrasat.ro Tel: +40-55-220012 +40-55-220013 Fax: +40-55-220117 ================================= -----Original Message----- From: owner-freebsd-security@FreeBSD.ORG [mailto:owner-freebsd-security@FreeBSD.ORG] On Behalf Of ozkan_kirik Sent: Friday, April 05, 2002 12:57 AM To: freebsd-security@freebsd.org Subject: IpFilter / IpFireWall i am new to FreeBSD. i use freebsd v4.5 Release #0. i am trying to setup an firewall. but i couldnt block or pass any IP. i think i have a mistake about my IPF&IPFW settings. in my kernel: options IPFILTER options IPFILTER_LOG options IPFIREWALL options IPFIREWALL_VERBOSE options IPFIREWALL_VERBOSE_LIMIT=10 but my rules doesnt work. for example: # ipfw add deny tcp from 193.255.128.250 to any **answer is: ipfw: getsockopt(IP_FW_ADD): Protocol not available when i saw this error i get crazy Plx help me... With my best regards. Ozkan KIRIK To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message