Yes, i change my rc.conf already!! when i put my ipf.rules with pass in/out in all
interfaces , i have internet ,but whith my rules i dont, so the problem have to be in
dhcp traffic, this rule i put "pass in quick on ep1 proto udp from any to any port =
68 keep state keep frags" will be sufficie
Ok, i put these rules:
pass in quick on ep0 all
pass out quick on ep0 all
pass in quick on ep1 all
pass out quick on ep1 all
pass in quick on lo0 all
pass out quick on lo0 all
and the firewall have now acess to the internet, so the problem is with my ipf.rules
rules!!
my nat rules are:
map ep
AT ruleset
look like?
- Original Message -
From: "geek" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Friday, August 15, 2003 8:48 PM
Subject: RE: Gateway problemas
I can't ping the outside world from my gateway, and dont have any type of
acess from my gateway
I can't ping the outside world from my gateway, and dont have any type of acess from
my gateway!!
pass in quick on ep0 all
pass out quick on ep0 all
pass in quick on ep1 all
pass out quick on ep1 all
pass in quick on lo0 all
pass out quick on lo0 all
i put these rules, and then the rest of the
out quick on ep1 all
pass in quick on lo0 all
pass out quick on lo0 all
Use this ruleset until you have full connectivity, then go from there!
- Original Message -
From: "geek" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Friday, August 15, 2003 7:50 PM
Subje
Yeah, i recompile my kernel with bpf and now pf is working, but it just works with the
rules "pass in quick all / pass ou quick all", with the rules i post here first, it
doesnt work, so, it's something wrong in my ruleset :(
___
[EMAIL PROTECTED] maili
My bad, I meant you need bpf for dhclient to work.
- Original Message -
From: "Mike Maltese" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Cc: "geek" <[EMAIL PROTECTED]>
Sent: Friday, August 15, 2003 7:03 PM
Subject: Re: Gateway problemas
> You
You need bpf for IP Filter to work!! You can leave gif and faith commented
out.
- Original Message -
From: "geek" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Friday, August 15, 2003 6:21 PM
Subject: RE: Gateway problemas
Sorry that another post, but i re
Sorry that another post, but i release that i commented these options in my kernel
configuration:
# pseudo-device gif
# pseudo-device faith
# pseudo-device bpf
and these barkeley packet filtering related i read somewhere that interefears in DHCP
server/client, anyone can say if it can be affect
I try and change my ruleset for
pass in all
pass out all
and i reboot the machine, and i haven't internet access anyway, so, i say something
wrong, i dont have internet probably since i re-compile my kernel, so
IPFILTER_DEFAULT_BLOCK can be making all this trouble to me?! and not the rules,
r
> block in log all
> block out log all
You don't need these since you used IPFITLER_DEFAULT_BLOCK (per your last
message). If you want to log blocked traffic, add
block in log quick on ep1 all
at the end of your rules for that interface.
You may want to try setting all interfaces to pass in/ou
I forgot to say the options i put when i recompile the kernel:
options IPFILTER
options IPFILTER_LOG
options IPFILTER_DEFAULT_BLOCK
options RANDOM_IP_ID
___
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-
12 matches
Mail list logo
