Skip site navigation (1)Skip section navigation (2) 
Date:      Tue, 20 Mar 2001 08:39:03 +0100
From:      "Peter Blok" <Peter.Blok@inter.NL.net>
To:        <freebsd-net@freebsd.org>
Subject:   strange problem with ipfilter and 4.3-BETA
Message-ID:  <000001c0b110$d6c98ce0$8a02a8c0@ntpc>
next in thread | raw e-mail | index | archive | help 
Hi,

My system is having an internal interface, named sf0 and external sf3.

I have cvsup'ed 4.3-BETA as of 16 march and have copied the /usr/src/etc/rc*
files to /etc.

In rc.network the invocation of ipfilter is now at the beginning to support
IPFILTER_DEFAULT_BLOCK. When my system reboots it hangs during mountd. My
ipfilter default is pass all. It is broadcasting over the whole portrange

13:16:27.827762 192.168.2.135.2755 > 192.168.2.255.111:  udp 100
13:16:27.839821 192.168.2.135.2757 > 192.168.2.255.111:  udp 100
13:16:27.856121 192.168.2.135.2759 > 192.168.2.255.111:  udp 100
13:16:27.868111 192.168.2.135.2761 > 192.168.2.255.111:  udp 100
13:16:27.884544 192.168.2.135.2763 > 192.168.2.255.111:  udp 100
13:16:27.896617 192.168.2.135.2765 > 192.168.2.255.111:  udp 100
13:16:27.911642 192.168.2.135.2767 > 192.168.2.255.111:  udp 100
13:16:27.924667 192.168.2.135.2769 > 192.168.2.255.111:  udp 100
13:16:27.943656 192.168.2.135.2771 > 192.168.2.255.111:  udp 100
13:16:27.955934 192.168.2.135.2773 > 192.168.2.255.111:  udp 100
13:16:27.972206 192.168.2.135.2775 > 192.168.2.255.111:  udp 100
13:16:27.984050 192.168.2.135.2777 > 192.168.2.255.111:  udp 100
13:16:27.999624 192.168.2.135.2779 > 192.168.2.255.111:  udp 100
13:16:28.011726 192.168.2.135.2781 > 192.168.2.255.111:  udp 100
13:16:28.028199 192.168.2.135.2783 > 192.168.2.255.111:  udp 100
13:16:28.040143 192.168.2.135.2785 > 192.168.2.255.111:  udp 100
13:16:28.056600 192.168.2.135.2787 > 192.168.2.255.111:  udp 100

My ipf.rules contains
pass in quick on lo0
pass out quick on lo0
pass in quick on sf0
pass out quick on sf0

# this part below hasn't been changed. Basically close the interface and
open it up bit by bit

block in on sf3 all
block out on sf3 all


pass out quick on sf3 .......

Any clue what is going on here?

Peter


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-net" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?000001c0b110$d6c98ce0$8a02a8c0>