All,
I am having a problem trying to use ippools in my configuration. I have defined a simple pair of rules and a simple pool to test with and I am running into problems. My ipf.conf is simply the following:
block in log quick proto tcp/udp from 128.125.253.114 to any port = 22
block in log quick proto tcp/udp from pool/100 to any port = 22
My ippool.conf is as follows:
table role = ipf type = hash number = 100
{ 128.125.253.124/32; 128.125.253.214/32;
};
Connections from 128.125.253.114 are blocked correctly (because of the first rule), but the IPs in the pool are not blocked. I suspect the problem has something to do with the fact that the pool definition has a ! next to it in ipfstat -io, but since I am new to ipf and ippools I am not sure.
[EMAIL PROTECTED] ipf]# ipfstat -io
empty list for ipfilter(out)
block in log quick proto tcp/udp from 128.125.253.114/32 to any port = 22
block in log quick proto tcp/udp from pool/100(!) to any port = 22
Anyone have any idea what I am doing wrong here?
Other potentially useful information that Phil's FAQ recommends:
[EMAIL PROTECTED] ipf]# uname -a
SunOS msg-mx4.usc.edu 5.9 Generic_118558-19 sun4u sparc SUNW,Sun-Fire-V240
[EMAIL PROTECTED] ipf]# isainfo -vk
64-bit sparcv9 kernel modules
[EMAIL PROTECTED] ipf]# ifconfig -a
lo0: flags=1000849<UP,LOOPBACK,RUNNING,MULTICAST,IPv4> mtu 8232 index 2
inet 127.0.0.1 netmask ff000000
bge0: flags=1000843<UP,BROADCAST,RUNNING,MULTICAST,IPv4> mtu 1500 index 3
inet 128.125.137.9 netmask ffffffe0 broadcast 128.125.137.31
ether 0:3:ba:51:bc:fd
[EMAIL PROTECTED] ipf]# netstat -rn
Routing Table: IPv4
Destination Gateway Flags Ref Use Interface
-------------------- -------------------- ----- ----- ------ ---------
128.125.137.0 128.125.137.9 U 1 100 bge0
224.0.0.0 128.125.137.9 U 1 0 bge0
default 128.125.137.1 UG 1 659
127.0.0.1 127.0.0.1 UH 1 10 lo0
[EMAIL PROTECTED] ipf]# netstat -i
Name Mtu Net/Dest Address Ipkts Ierrs Opkts Oerrs Collis Queue
lo0 8232 loopback localhost 269 0 269 0 0 0
bge0 1500 msg-mx4.usc.edu msg-mx4 1381209 0 1284851 0 0 0
[EMAIL PROTECTED] ipf]# ipf -V
ipf: IP Filter: v4.1.13 (592)
Kernel: IP Filter: v4.1.13
Running: yes
Log Flags: 0 = none set
Default: pass all, Logging: available
Active list: 1
Feature mask: 0x187
[EMAIL PROTECTED] ipf]# ipfstat
bad packets: in 0 out 0
IPv6 packets: in 0 out 0
input packets: blocked 6 passed 1252102 nomatch 469596
counted 0 short 0
output packets: blocked 0 passed 1154179 nomatch 421689
counted 0 short 0
input packets logged: blocked 6 passed 0
output packets logged: blocked 0 passed 0
packets logged: input 0 output 0
log failures: input 0 output 0
fragment state(in): kept 0 lost 0 not fragmented 0
fragment state(out): kept 0 lost 0 not fragmented 0
packet state(in): kept 0 lost 0
packet state(out): kept 0 lost 0
ICMP replies: 0 TCP RSTs sent: 0
Invalid source(in): 0
Result cache hits(in): 782506 (out): 732490
IN Pullups succeeded: 0 failed: 0
OUT Pullups succeeded: 22 failed: 0
Fastroute successes: 0 failures: 0
TCP cksum fails(in): 0 (out): 0
IPF Ticks: 298714
Packet log flags set: (0)
none
--
Chet Burgess
Director, Systems Support
Information Technology Services
University of Southern California
[EMAIL PROTECTED]
213-740-5160
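A consistency check for the situation in the post above, added here as an example and not part of the original message or of IPFilter's own tools: it lists every pool/N that an ipf.conf references and reports any N that the accompanying ippool.conf does not define, using the post's two files (embedded as constructed samples) plus a deliberately mismatched copy. It assumes only the rule and table syntax shown in the post.

```shell
#!/bin/sh
# Added example (not from the original post): cross-check the pool numbers
# that ipf.conf rules reference against the tables ippool.conf defines.
# Assumes the post's syntax: "pool/100" in rules, "number = 100" in tables.

# Pool numbers referenced by rules ("pool/N"; also matches "pool/N(!)").
ipf_pool_refs() {
    awk '{ s = $0
           while (match(s, /pool\/[0-9]+/)) {
               print substr(s, RSTART + 5, RLENGTH - 5)
               s = substr(s, RSTART + RLENGTH) } }' "$1" | sort -u
}

# Pool numbers defined by "number = N" in a table header.
ippool_defined() {
    sed -n 's/.*number[ ]*=[ ]*\([0-9][0-9]*\).*/\1/p' "$1" | sort -u
}

# Report each referenced pool that is not defined; return 1 if any is missing.
check_pool_refs() {
    missing=0
    for n in $(ipf_pool_refs "$1"); do
        if ! ippool_defined "$2" | grep -qx "$n"; then
            echo "pool/$n is used in $1 but not defined in $2"
            missing=1
        fi
    done
    return $missing
}

# Constructed samples: the post's two files, plus a mismatched pool file.
write_samples() {
    cat > "$1/ipf.conf" <<'EOF'
block in log quick proto tcp/udp from 128.125.253.114 to any port = 22
block in log quick proto tcp/udp from pool/100 to any port = 22
EOF
    cat > "$1/ippool.conf" <<'EOF'
table role = ipf type = hash number = 100
{ 128.125.253.124/32; 128.125.253.214/32;
};
EOF
    sed 's/number = 100/number = 101/' "$1/ippool.conf" > "$1/ippool-wrong.conf"
}

# Run the check on a sample pair; returns 0 when consistent, 1 when not.
demo() {
    d=$(mktemp -d); write_samples "$d"
    if check_pool_refs "$d/ipf.conf" "$d/$1"; then rc=0; else rc=1; fi
    rm -rf "$d"; return $rc
}
```

On a live host the same comparison can be made against the pools the kernel actually holds (ippool -l) rather than the file, which is the more telling check when the file looks right.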
