I am running IPF v3.4.35 in FreeBSD 4.11-RELEASE For the last years I have been running IPF without any problem, but last week after upgrading three machines from FreeBSD 4.9-RELEASE to 4.11-RELEASE, I have been having some issues.
First I needed to recompile the kernel with IPv6 support for IPF to work (Ok, I took care of that) One of the problems I am having is that I cannot make the machine pingable. The problem is in the outbound rules since when I flush them (ipf -Fo), the machine becomes pingable. the weird thing is not even ICMP logs are recorded This is the only set of rules for outbound: ============================================================================ ======= block out log quick on fxp0 all head 30 # Internet Outbound pass out quick on fxp0 proto tcp from any to any keep state keep frags group 30 pass out quick on fxp0 proto udp from any to any keep state keep frags group 30 pass out quick on fxp0 proto icmp from any to any keep state keep frags group 30 ============================================================================ ======== I have also tried the following rule, and the result is the same: pass out quick on fxp0 all keep state keep frags Someone already posted an email in this mailing list on 2004-08-15 17:48:24 saying that :"Everything worked before 3.4.35 was MFC'ed to FreeBSD 4.10-STABLE" Am I missing something? dmesg output ============ IP Filter: v3.4.35 initialized. Default = pass all, Logging = enabled ipf -V ====== ipf: IP Filter: v3.4.35 (336) Kernel: IP Filter: v3.4.35 Running: yes Log Flags: 0 = none set Default: pass all, Logging: available Active list: 0 --- [This e-mail was scanned for viruses by Webjogger's AntiVirus Protection System]
