You are so the man!
That's it. You have no idea how long I've spend looking for this.
Thanks again!
- Original Message -
From: "Andras Kende" <[EMAIL PROTECTED]>
To: "'Gerard Meijer'" <[EMAIL PROTECTED]>;
Sent: Monday, January 03, 2
-Original Message-
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of Gerard Meijer
Sent: Monday, January 03, 2005 12:29 PM
To: freebsd-questions@freebsd.org
Subject: ipfw question (FreeBSD 4.11)
I run apache webserver on my server with FreeBSD 4.11
I have a question about i
On 2004-09-20 22:43, adrian kok <[EMAIL PROTECTED]> wrote:
>
> 1/ Recently, my mrtg graph showed many spikes
> "Incoming" in outer interface of the router.
>
> ls it possible to log them and check?
It is. A better approach is to block everything that you don't really
need and then start logging l
Hi Reuben,
Sorry for taking so long to reply. My workstation at work which still
runs Fedora Core RC3 and not a real OS, like FreeBSD, decided to throw
away all outgoing email this morning. Here's a repost extracted from
my =posted mailbox in Mutt [...]
On 2004-06-16 17:04, "Reuben A. Popp" <[E
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi Giorgos,
Thanks so much for the quick response on my question :). I more or less took your
rules that you posted,
and tacked on a few more. I belive that what I have is correct, and everything seems
to be working well,
with a few exceptions.
On 2004-06-15 18:31, "Reuben A. Popp" <[EMAIL PROTECTED]> wrote:
> I was tinkering around trying to get my firewall set the way I wanted
> it, but seem to be running into an issue. I know that I have logging
> set in the kernel and in rc.conf, as well as in my ruleset, but for
> some odd reason, t
I think if you read closely you will find out the keep-state option
does not work on the icmp protocol because icmp is stateless
protocol. This does not mean that ipfw will give coding error if
you code it.
You have to have an icmp stateless rule to allow it out and another
to allow it in.
allow
At 12:40 3/19/2004, [EMAIL PROTECTED], wrote:
>If you would
>like I can post my IPFW rules. They are extemly simple for my SSH, POP3,
>SMTP, NTP, IMAP, BIND8 setup...
Please do! Could you also include plain English comments as well?
There are a number of people that find these rules confusing.
> Hi list, I've this network configuration:
>
> router (169.158.120.177)
> server1 (169.158.120.178) running bind (named), tacacs+, exim, and a pop3
> server
> server2 (169.158.120.179) running squid, apache2, mysql, proftpd (is
> acting
> as a GATEWAY)
>
> I've a LAN (192.168.1.0/24) and a breakin
Thanks for all, it has been a great help.
MikeM wrote:
Since I reload the firewall rules remotely, I need the -q option on the
ipfw command, e.g.:
ipfw -q /etc/ipfw.conf
otherwise I lose my ssh connection to the box.
See man ipfw(8) for details on -q
On 3/10/2004 at 8:27 PM Thomas Vogt
Since I reload the firewall rules remotely, I need the -q option on the
ipfw command, e.g.:
ipfw -q /etc/ipfw.conf
otherwise I lose my ssh connection to the box.
See man ipfw(8) for details on -q
On 3/10/2004 at 8:27 PM Thomas Vogt wrote:
|Hi
|
|ipfw flush # deletes all
|ipfw /etc/ipfw.co
On Wed, Mar 10, 2004 at 07:52:06PM +0100, Nagy László Zsolt wrote:
> FreeBSD 5.2 system. My problem is, how can I reload the whole thing? The
/sbin/ipfw -q /path/to/your/custom/rulesetfile
No RTFM intended - there are further options, plese have a look
at the ipfw(8) man page.
Regards,
Hi
ipfw flush # deletes all
ipfw /etc/ipfw.conf # loads all
regards
Thomas
Nagy László Zsolt wrote:
Hi!
I'm using my own ip firewall (firewall_type="/etc/ipfw.conf") on my
FreeBSD 5.2 system. My problem is, how can I reload the whole thing? The
ipfw command is for creating and deleting individ
On Mar 10, 2004, at 1:52 PM, Nagy László Zsolt wrote:
I'm using my own ip firewall (firewall_type="/etc/ipfw.conf") on my
FreeBSD 5.2 system. My problem is, how can I reload the whole thing?
Try "sh /etc/rc.firewall", or "ipfw -p /bin/cat /etc/ipfw.conf". If
you are not on the console of the mac
On Tue, Mar 02, 2004 at 10:39:42PM +0100, C. Kukulies wrote:
> I have setup my FreeBSD box with ASDL (pppoe) and ipfw (rc.firewall with
> type 'simple').
>
> I have finetuned to allow ssh from certain addresses outside, sendmail works,
> but I cannot ping either from inside or from outside.
>
>
On Tue, 11 Nov 2003 12:00:10 - "Simon Gray" <[EMAIL PROTECTED]> probably wrote:
> >630000 0 deny log logamount 100 udp from any to any 119 via
> sis0
> >63000 24 1152 deny log logamount 100 tcp from any to any 135 via sis0
> >630000 0 deny log logamount 100 udp f
Shawn Guillemette wrote:
Looking at ipfw show
630000 0 deny log logamount 100 udp from any to any 119 via sis0
63000 24 1152 deny log logamount 100 tcp from any to any 135 via sis0
630000 0 deny log logamount 100 udp from any to any 135 via sis0
63000 is the rule n
thank you..
Im realy only blocking 135 due to the MSBlaster and others... no Samba yet
- Original Message -
From: "Simon Gray" <[EMAIL PROTECTED]>
To: "Shawn Guillemette" <[EMAIL PROTECTED]>;
<[EMAIL PROTECTED]>
Sent: Tuesday, November 11, 2
>630000 0 deny log logamount 100 udp from any to any 119 via
sis0
>63000 24 1152 deny log logamount 100 tcp from any to any 135 via sis0
>630000 0 deny log logamount 100 udp from any to any 135 via
sis0
>63000 is the rule number correct?
>IM wondering what the other
On Fri, Mar 28, 2003 at 10:34:16AM -0500, Walter wrote:
Date: Fri, 28 Mar 2003 10:34:16 -0500
From: Walter <[EMAIL PROTECTED]>
To: Questions <[EMAIL PROTECTED]>
Subject: ipfw question
Hi all,
I see a strange entry in my mail log from the
ipfw log output. I don't really have a firm grasp
on ipf
>IPFW question in 2.2.8 release?
Ouch! Dummynet was very new and probably best classed as "experimental" in
2.2.8, and even in most of the 3.x line it was a bit flakey. I'm not surprised
you are having trouble with it and I'm also not surprised Luigi is unwilling or
unable to debug obsolete cod
21 matches
Mail list logo