ipfw and ssh problem

2010-03-26 Thread Tongai. T Zimbiti
Hi guys, I have searched everywhere and failed to find a solution, hence I write you. I have installed 8.0-RELEASE FreeBSD 8.0-RELEASE #0: Sat Nov 21 15:02:08 UTC 2009 r...@mason.cse.buffalo.edu:/usr/obj/usr/src/sys/GENERIC amd64 together with ipfw. The problem I have is this, if I am on

Re: ipfw and ssh problem

2010-03-26 Thread Peter
Hi guys, I have searched everywhere and failed to find a solution, hence I write you. I have installed 8.0-RELEASE FreeBSD 8.0-RELEASE #0: Sat Nov 21 15:02:08 UTC 2009 r...@mason.cse.buffalo.edu:/usr/obj/usr/src/sys/GENERIC amd64 together with ipfw. The problem I have is this, if I am

Re: ipfw and ssh problem

2010-03-26 Thread krad
On 26 March 2010 08:02, Peter fb...@peterk.org wrote: Hi guys, I have searched everywhere and failed to find a solution, hence I write you. I have installed 8.0-RELEASE FreeBSD 8.0-RELEASE #0: Sat Nov 21 15:02:08 UTC 2009 r...@mason.cse.buffalo.edu:/usr/obj/usr/src/sys/GENERIC

Re: ipfw and ssh problem

2010-03-26 Thread Tongai. T Zimbiti
Thanks Peter, will give that a try. regards Tongai Peter wrote: Hi guys, I have searched everywhere and failed to find a solution, hence I write you. I have installed 8.0-RELEASE FreeBSD 8.0-RELEASE #0: Sat Nov 21 15:02:08 UTC 2009

RE: Problems with ipfw and ssh

2006-10-12 Thread Chris - WEBignite
Subject: RE: Problems with ipfw and ssh Hi, Just a suggestion/query: Do you have your localhost/127.0.0.1 rules defined to allow all traffic? Cheers -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Spiros Papadopoulos Sent: Thursday, 12 October 2006 7

Re: Problems with ipfw and ssh

2006-10-12 Thread Spiros Papadopoulos
to a normal user account properly though -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] ] On Behalf Of Mark Jose Sent: Wednesday, October 11, 2006 8:41 PM To: 'Spiros Papadopoulos'; freebsd-questions@freebsd.org; freebsd-ipfw@freebsd.org Subject: RE: Problems with ipfw and ssh

Re: Problems with ipfw and ssh

2006-10-12 Thread Spiros Papadopoulos
Hi again, On 12/10/06, Garrett Cooper [EMAIL PROTECTED] wrote: Based on all the docs I've read about using ipfw, you should put ipfw allow all any from any via lo0 somewhere at the top of your script so all traffic can and will be sent via lo0. I think you are talking about the line below, is

Re: Problems with ipfw and ssh

2006-10-12 Thread Spiros Papadopoulos
Thanks, On 12/10/06, Chris [EMAIL PROTECTED] wrote: The thing is... I generally have the kernel setup to allow by default. Then I create rules denying traffic as I either know up front, or can deduct from logging a last rule denying traffic. IE: the rule you have set to allow any, my same

Problems with ipfw and ssh

2006-10-11 Thread Spiros Papadopoulos
Hi, I am trying to configure a firewall using ipfw for a machine running FreeBSD 5.4. Without NAT. I am nearly a newbie on this (since i never had time until now..) but still i believe i understand exactly the concepts and what needs to be done. Except the manual page and chapter 26.1 in the

Re: Problems with ipfw and ssh

2006-10-11 Thread Giorgos Keramidas
I removed freebsd-ipfw from the recipient list. Please keep `general' questions in freebsd-questions. The freebsd-ipfw list is, as far as I know, used for *development* of IPFW; not questions. On 2006-10-11 22:53, Spiros Papadopoulos [EMAIL PROTECTED] wrote: Hi, I am trying to configure a

Re: Problems with ipfw and ssh

2006-10-11 Thread Spiros Papadopoulos
Giorgo thanks for the immediate reply, I started yesterday playing with it / testing it, but since i want to do most of the work remotely, i stuck on this rule and feel like keep looking until i find the solution. I paste the whole script here just in case something else is wrong... Here is my

Re: Problems with ipfw and ssh

2006-10-11 Thread Giorgos Keramidas
On 2006-10-12 00:53, Spiros Papadopoulos [EMAIL PROTECTED] wrote: I started yesterday playing with it / testing it, but since i want to do most of the work remotely, i stuck on this rule and feel like keep looking until i find the solution. I paste the whole script here just in case something

Re: Problems with ipfw and ssh

2006-10-11 Thread Spiros Papadopoulos
On 12/10/06, Giorgos Keramidas [EMAIL PROTECTED] wrote: On 2006-10-12 00:53, Spiros Papadopoulos [EMAIL PROTECTED] wrote: I started yesterday playing with it / testing it, but since i want to do most of the work remotely, i stuck on this rule and feel like keep looking until i find the

Re: Problems with ipfw and ssh

2006-10-11 Thread Giorgos Keramidas
On 2006-10-12 01:31, Spiros Papadopoulos [EMAIL PROTECTED] wrote: On 12/10/06, Giorgos Keramidas [EMAIL PROTECTED] wrote: , | [EMAIL PROTECTED]:/home/giorgos$ su - | Password: | [EMAIL PROTECTED]:/root# ipfw -d show |

RE: Problems with ipfw and ssh

2006-10-11 Thread Mark Jose
; freebsd-ipfw@freebsd.org Subject: Problems with ipfw and ssh Hi, I am trying to configure a firewall using ipfw for a machine running FreeBSD 5.4. Without NAT. I am nearly a newbie on this (since i never had time until now..) but still i believe i understand exactly the concepts and what needs

Re: ipfw and ssh

2006-04-06 Thread RW
On Thursday 06 April 2006 02:50, Anthony M. Agelastos wrote: Hello everyone, Allow me to preface my problem by saying that I am very ignorant when it comes to networking. I do apologize if this is trivial. In any event, I enabled the client ipfw firewall located in /etc/rc.firewall. This

Re: ipfw and ssh

2006-04-06 Thread RW
On Thursday 06 April 2006 03:27, Anthony M. Agelastos wrote: What is the easiest way of making changes to the firewall rules and applying them so I do not have to reboot each time? I assume a kldunload ipfw.ko and then a kldload ipfw.ko should do it, but I don't want to risk doing something

Re: ipfw and ssh

2006-04-06 Thread Ean Kingston
Okay Anthony, Here is a bit more detail on your IPFW setup. Here is the section of rc.firewall that is relevant to what we've discussed. View this in HTML mode if you can. I've highlighted changes in red and my own comments in blue. I also noticed that you use a Netgear router in your setup. You

ipfw and ssh

2006-04-05 Thread Anthony M . Agelastos
Hello everyone, Allow me to preface my problem by saying that I am very ignorant when it comes to networking. I do apologize if this is trivial. In any event, I enabled the client ipfw firewall located in /etc/rc.firewall. This appears to work well for my needs... except for one

Re: ipfw and ssh

2006-04-05 Thread Ean Kingston
You neglected to include the 'add' in your first fwcmd. You may want to try something simple to start with. I haven't used ipfw in a while so hopefully my syntax is still good. Here is a simple starting point: # Allow person SSH access mip=xxx.xxx.xxx.xxx # IP Address of person ${fwcmd} add

Re: ipfw and ssh

2006-04-05 Thread Anthony M. Agelastos
Thank you for your very prompt reply. I tried your suggestion and it didn't work. I do not know why. Is the location where I place this in the client profile important? I have also tried the person's actual IP address as well as the IP address of the router (just in case it is not doing

Re: ipfw and ssh

2006-04-05 Thread Anthony M. Agelastos
Not just that, but it doesn't appear to be logging the events, even after I added net.inet.ip.fw.verbose=1 net.inet.ip.fw.verbose_limit=5 to /etc/sysctl.conf and firewall_logging=YES into /etc/rc.conf, i see no updates to /var/log/security after the ssh attempt failed. What am I doing wrong

Re: ipfw and ssh

2006-04-05 Thread Dennis Olvany
# Allow person SSH access mip=xxx.xxx.xxx.xxx ${fwcmd} allow tcp from any to any 22 out setup keep-state I see two reasons that egress sshd traffic will not match the above rule. The destination port is incorrect and a syn/ack will not match. ${fwcmd} add