Date: Tue, 17 Dec 2002 15:52:10 +0100 From: Roman Neuhauser <neuhauser@bellavista.cz> To: freebsd-questions <freebsd-questions@freebsd.org> Cc: Keith Spencer <bsd2000au@yahoo.com.au> Subject: Re: ipf -> IPFILTER_DEFAULT_BLOCK ...This is not working as predicted! Help? Message-ID: <20021217145210.GA45336@freepuppy.bellavista.cz> In-Reply-To: <20021217102839.C52840-100000@cactus.fi.uba.ar> References: <20021217122916.61123.qmail@web12002.mail.yahoo.com> <20021217102839.C52840-100000@cactus.fi.uba.ar>
next in thread | previous in thread | raw e-mail | index | archive | help
# fgleiser@cactus.fi.uba.ar / 2002-12-17 10:32:40 -0300:
> On Tue, 17 Dec 2002, Keith Spencer wrote:
> > Marty Schlacter is obviously the man. I am following his firewall
> > tute religiously but I am doing something wrong!
> > I have an ipf.rules EXACTLY like his. Works a treat...but only if I
> > remove the kernel ipfilter_default_block option.
> > If it is in there...it blocks way too well.
> > Everything.
> > What is going on here or has Marty got it all wrong?
>
> Are you using the 'quick' keyword? If you don't, ipf uses a last-match
> checking, and the last rule is 'block all'
>
> See the IPF HOWTO for details.
right. the url: http://www.obfuscation.org/ipf/ipf-howto.html
--
If you cc me or remove the list(s) completely I'll most likely ignore
your message. see http://www.eyrie.org./~eagle/faqs/questions.html
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20021217145210.GA45336>