I'm having some difficulty getting ipfw to work properly. I currently have
it configured in "simple" mode. The box is running 4.8-STABLE and offers
NAT, DHCP and backup DNS, and acts as a connector between the internal LAN
and the Internet.

The main problem is my SSH connections are getting terminated regularly.
Attempting to reconnect is met with a "host unreachable" error for a few
seconds after being disconnected. I'm also having difficulties with a
certain IMAP server, but I'm not sure if that's a firewall-related issue.

Further, I keep getting the following logged to /var/log/messages:

Jul 2 16:30:21 firewall dhcpd: send_packet: Permission denied
Jul 2 16:30:53 firewall last message repeated 14 times
Jul 2 16:32:46 firewall last message repeated 14 times
Jul 2 16:38:38 firewall last message repeated 83 times
Jul 2 16:38:38 firewall dhcpd: icmp_echorequest 192.168.1.224: Permission
Jul 2 16:38:48 firewall dhcpd: send_packet: Permission denied
Jul 2 16:39:20 firewall last message repeated 8 times
Jul 2 16:41:21 firewall last message repeated 38 times
Jul 2 16:42:48 firewall last message repeated 11 times
Jul 2 16:42:50 firewall dhcpd: icmp_echorequest 192.168.1.214: Permission

I guess this means I'm not serving DHCP - what kind of rule would fix
that? I read somewhere that simply using natd adds statefulness to an
otherwise stateless ipfw configuration. Would an unstateful ipfw setup be
less secure in this case?