On Wed, Aug 27, 2003 at 02:48:50PM +0300, Vitali Malicky typed:
> > Hi all,
> > I have
> > 00100 allow ip from any to any via lo0
> > in my firewall script. But although I get lines like
> > silakka /kernel: Connection attempt to TCP 127.0.0.1:2000 from
> > into my messages log. It is just like the firewall although blocks local
> > traffic. What should I add or modify to allow traffic via loopback and/or
> > from and to 127.0.0.1 ?
> /sbin/ipfw -q add 00001 allow ip from 127.0.0.1 to 127.0.0.1 via lo0
This won't help. He already allows "any to any via lo0".
Anyway, it's not the firewall logging these "Connection attempt to" lines
to /var/log/messages. What happens here is some process tries to make a
connection on a port where no other process is listening. There can be many
reasons for this. If you don't want to see these messages anymore put the
> I usually configure the firewall in /etc/rc.firewall.
> When I modify firewall rules on the remote servers I am responsible for, first I
> make a copy of rc.firewall, say, rc.firewall.new and make all necessary
> changes in _this_ file, then I run "shutdown -r +5min" and only after that
> I execute /etc/rc.firewall.new
> # nohup /etc/rc.firewall.new &
> if it's alright and I'm still there on the server I just kill the shutdown
> process, if not, the machine reboots with the old rules...
> Best of luck!
> > Regards,
> > Johan Paul
> > _______________________________________________
> > [EMAIL PROTECTED] mailing list
> > http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> > To unsubscribe, send any mail to
> "[EMAIL PROTECTED]"
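The distinction made in the reply above, as an added example that is not part of the original thread: a Python sketch that separates the kernel's "Connection attempt to" messages (no process listening on the port) from lines written by ipfw rules, then counts the closed-port attempts by destination and by whether the source was loopback. The log lines are constructed for illustration, and the ipfw line layout and all addresses in them are assumptions.

```python
import re
from collections import Counter

# Written by the kernel TCP/UDP stack when no process listens on the port.
IN_VAIN = re.compile(
    r"Connection attempt to (?P<proto>TCP|UDP) "
    r"(?P<dst>[\d.]+):(?P<dport>\d+) from (?P<src>[\d.]+):(?P<sport>\d+)"
)
# Written by an ipfw rule that carries the "log" keyword (layout assumed).
IPFW = re.compile(r"ipfw: (?P<rule>\d+) (?P<action>\S+) (?P<rest>.*)")

# Constructed sample of /var/log/messages; not taken from the thread.
SAMPLE_LOG = """\
Aug 27 14:40:01 silakka /kernel: Connection attempt to TCP 127.0.0.1:2000 from 127.0.0.1:1045
Aug 27 14:40:07 silakka /kernel: Connection attempt to TCP 127.0.0.1:2000 from 127.0.0.1:1046
Aug 27 14:41:10 silakka /kernel: ipfw: 65000 Deny TCP 192.0.2.9:3456 192.0.2.1:22 in via fxp0
Aug 27 14:42:30 silakka /kernel: Connection attempt to UDP 192.0.2.1:137 from 192.0.2.9:137
Aug 27 14:43:00 silakka sshd[311]: Accepted password for user from 192.0.2.9 port 3460
"""


def classify(line):
    """Return (origin, fields) where origin is 'ipfw', 'no-listener' or 'other'."""
    m = IPFW.search(line)
    if m:
        return "ipfw", m.groupdict()
    m = IN_VAIN.search(line)
    if m:
        return "no-listener", m.groupdict()
    return "other", {}


def closed_port_summary(text):
    """Count no-listener attempts per (proto, dst, dport, local/remote source)."""
    counts = Counter()
    for line in text.splitlines():
        origin, f = classify(line)
        if origin == "no-listener":
            where = "local" if f["src"].startswith("127.") else "remote"
            counts[(f["proto"], f["dst"], int(f["dport"]), where)] += 1
    return counts


if __name__ == "__main__":
    for key, n in sorted(closed_port_summary(SAMPLE_LOG).items()):
        print(n, *key)
```

Repeated "local" entries for one port point at a process on the host itself probing a service that is not running, which no ipfw rule change will silence.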