|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: Baris Simsek (simsek
bimel.com.tr)Date: Fri Apr 05 2002 - 07:44:08 CST
default kernel option is rejecting every packet. you have to add
rule to accept which packets you want. Add this rule to test it:
ipfw add 10000 allow all from any to any
>-------------------------------------------------------------------<
Baris Simsek - UNIX Sys. Adm. - Bimel Elektronik - (+90312) 4342245
http://acikkod.org/
On Fri, 5 Apr 2002, ozkan_kirik wrote:
> after i built my kernel, i couldnt ping to anywhere even router, & i
> couldnt ping to my firewall.
>
> what the problem can be?
>
> the options on kernel are:
>
> IPFIREWALL
> IPDIVERT
> IPFIREWALL_FORWARD
> IPFIREWALL_VERBOSE
> IPFIREWALL_VERBOSE_LIMIT=100
> IPFIREWALL_DEFAULT_TO_ACCEPT
> IPFILTER
> IPFILTER_LOG
> TCPDEBUG
> TCP_DROP_SYNFIN
> DUMMYNET
> IPSTEALTH
> BRIDGE
>
>
> my rc.conf:
>
> ...
> ...
> ...
> inetd_enable="YES"
> ipv6_enable="YES"
> kern_securelevel="2"
> kern_securelevel_enable="YES"
> ipfilter_enable="YES"
> ipfilter_program="/sbin/ipf -FA -f"
> ipfilter_rules="/etc/ipf.rules"
> ipfilter_flags="-E"
> ipmon_enable="YES"
> ipmon_program="/sbin/ipmon"
> ipmonflags="-Ds"
> ipfirewall_enable="YES"
>
>
>
> what can i do?
> by now thx 4 yr help. :)
>
>
> To Unsubscribe: send mail to majordomoFreeBSD.org
> with "unsubscribe freebsd-security" in the body of the message
>
To Unsubscribe: send mail to majordomoFreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]