Re: Firewall + Cable Modem
A firewall set to accept by default has the last rule in the chain as an accept rule. The opposite goes for deny, whereby the last rule is a deny rule (this is the most common way to set up a firewall). The firewall is not the problem. Leave the inetd running, just comment out all the services you don't need in inetd.conf. Do you use ppp to connect to your ISP via a tunnel? Are you using an internal cable modem? Did you try comment out the DHCP line in your rc.conf? Matt. On Sat, Jan 25, 2003 at 01:16:16PM -0500, Asenchi wrote: From: "Asenchi" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Cc: <[EMAIL PROTECTED]> Subject: RE: Firewall + Cable Modem Date: Sat, 25 Jan 2003 13:16:16 -0500 X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2910.0) Where do you see that my firewall is set to accept by default? how do I disable my firewall without recompiling a kernel? Will firewall_enable="NO" actually work? Won't this just set the default deny rule as the firewall? Why would I run INETD, I am not sure? Most of the errors with DHCLIENT said make sure there are certain services turned off in INETD. Also, there isn't a service listed in INETD that I believe I need to run this machine? Do I? Maybe I am not clear on something... Thank you for your help, I really appreciate it. Curt -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Matthew Faircliff Sent: Saturday, January 25, 2003 2:39 PM To: Asenchi Cc: [EMAIL PROTECTED] Subject: Re: Firewall + Cable Modem Hello, It seems to me as though you are running two class C networks for your internal computers (xl0 and rl0) and have your cable modem running under vr0. The NATD stuff looks cool. Disable your firewall (even though it seems to be set to accept by default) and then fix your cable modem. Try commenting out the ifconfig_vr0="DHCP" line in your rc.conf. Why are you not running INETD? Matt. To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-questions" in the body of the message To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-questions" in the body of the message To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-questions" in the body of the message
RE: Firewall + Cable Modem
Where do you see that my firewall is set to accept by default? how do I disable my firewall without recompiling a kernel? Will firewall_enable="NO" actually work? Won't this just set the default deny rule as the firewall? Why would I run INETD, I am not sure? Most of the errors with DHCLIENT said make sure there are certain services turned off in INETD. Also, there isn't a service listed in INETD that I believe I need to run this machine? Do I? Maybe I am not clear on something... Thank you for your help, I really appreciate it. Curt -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Matthew Faircliff Sent: Saturday, January 25, 2003 2:39 PM To: Asenchi Cc: [EMAIL PROTECTED] Subject: Re: Firewall + Cable Modem Hello, It seems to me as though you are running two class C networks for your internal computers (xl0 and rl0) and have your cable modem running under vr0. The NATD stuff looks cool. Disable your firewall (even though it seems to be set to accept by default) and then fix your cable modem. Try commenting out the ifconfig_vr0="DHCP" line in your rc.conf. Why are you not running INETD? Matt. To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-questions" in the body of the message To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-questions" in the body of the message
Re: Firewall + Cable Modem
Hello, It seems to me as though you are running two class C networks for your internal computers (xl0 and rl0) and have your cable modem running under vr0. The NATD stuff looks cool. Disable your firewall (even though it seems to be set to accept by default) and then fix your cable modem. Try commenting out the ifconfig_vr0="DHCP" line in your rc.conf. Why are you not running INETD? Matt. To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-questions" in the body of the message
Re: Firewall + Cable Modem
On Sat, 25 Jan 2003, Asenchi wrote: > I cannot get my card to remain connected, it keeps dropping its addressing, > or so it appears in IFCONFIG. I have included below outputs of various > processes for you all. Thank you in advance for any help you are able to > offer. With DHCP you get a lease for a certain period of time. Some ISP's have very short lease times; and your system may not be quick enough to get a lease. Another option is that you get your first lease before the firewill is fully set up; but that you cannot negotiate a lease after the firewall is there due to it blocking the negotiation process. Temporarily disabling the firewall(and nat) will tell you this. > Jan 25 03:03:00 world dhclient: Listening on BPF/vr0/00:40:33:5a:74:8a > Jan 25 03:03:00 world dhclient: Sending on BPF/vr0/00:40:33:5a:74:8a > Jan 25 03:03:00 world dhclient: Can't bind to dhcp address: Address already > in use This suggest that your dhclient can not bind to the port it needs. You may want to check what is bound to that port. See 'lsof' and 'netstat'. Dw To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-questions" in the body of the message
