Hello,
This is occurring on a 4.8-RELEASE server using IPFW2...
I have numerous rules that block bogus networks... one of which is:
ipfw add 0104 deny log ip from 96.0.0.0/3 to any
And I know it's working because using "ipfw list" I get:
00104 deny log ip from 96.0.0.0/3 to any
Whenever that rule is active, it's blocking packets - "ipfw show":
00104 21 1148 deny log ip from 96.0.0.0/3 to any
BUT....
Various services stop working... so I look at /var/log/security and see NUMEROUS
entries such as this:
Nov 1 10:30:00 server /kernel: ipfw: 104 Deny TCP 127.0.0.1:1051 127.0.0.1:80 out via lo0
Now I don't see anything in the rule about the localhost address, yet that's what it's
blocking. But a little bit ahead of that rule, I do have this one:
ipfw add 082 divert natd all from any to any via fxp0
Would it help to put all the bogus network deny rules ahead of the divert rule?
Stumped,
Chris
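
Added example (not part of the original message): a small POSIX sh check of which addresses the network in rule 104 covers, run against the log line quoted above. A /3 mask compares only the top three bits, so 96.0.0.0/3 spans 96.0.0.0 through 127.255.255.255, which includes the loopback block 127.0.0.0/8. The function names are illustrative.

```shell
#!/bin/sh
# Added example: does the source address of an ipfw log line fall inside a rule's network?

# Dotted-quad IPv4 address -> integer.
ip2int() {
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    echo $(( ($1 << 24) | ($2 << 16) | ($3 << 8) | $4 ))
}

# Integer -> dotted-quad IPv4 address.
int2ip() {
    echo "$(( ($1 >> 24) & 255 )).$(( ($1 >> 16) & 255 )).$(( ($1 >> 8) & 255 )).$(( $1 & 255 ))"
}

# Print "first-last" for the address range covered by net/len.
cidr_range() {
    net=$(ip2int "${1%/*}"); len=${1#*/}
    mask=$(( (0xFFFFFFFF << (32 - len)) & 0xFFFFFFFF ))
    first=$(( net & mask )); last=$(( first | (mask ^ 0xFFFFFFFF) ))
    echo "$(int2ip "$first")-$(int2ip "$last")"
}

# Exit status 0 if address $1 is inside network $2 (net/len).
in_cidr() {
    addr=$(ip2int "$1"); net=$(ip2int "${2%/*}"); len=${2#*/}
    mask=$(( (0xFFFFFFFF << (32 - len)) & 0xFFFFFFFF ))
    [ $(( addr & mask )) -eq $(( net & mask )) ]
}

# Extract the source address from an ipfw "Deny" log line.
log_src() {
    echo "$1" | sed -n 's/.* Deny [A-Z]* \([0-9.]*\):[0-9]* .*/\1/p'
}

# Log line and rule network as quoted in the message above.
LOG='Nov 1 10:30:00 server /kernel: ipfw: 104 Deny TCP 127.0.0.1:1051 127.0.0.1:80 out via lo0'
RULE_NET='96.0.0.0/3'

src=$(log_src "$LOG")
echo "$RULE_NET covers $(cidr_range "$RULE_NET")"
if in_cidr "$src" "$RULE_NET"; then
    echo "$src is inside $RULE_NET, so the rule matches this packet"
else
    echo "$src is outside $RULE_NET"
fi
```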
_______________________________________________
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions