Re: Network problem after upgrade from 5.1 to 5.3

Sat, 29 Jan 2005 14:43:43 -0800

At 29.1.2005, you wrote: 
Aleksander Rozman - Andy wrote:

Even after recompiled I couldn't use network. My FreeBSD is used as server and also router for my internal network (using NAT).

firewall_type="/etc/firewall.conf" # Firewall type (see /etc/rc.firewall) 

------- cut -------

firewall.conf   (this is open firewall with added ports for redirection)
=========
add 00050 set 0 divert 8668 ip from any to any
add 00100 set 0 allow ip from any to any
add 00200 set 0 deny ip from any to 127.0.0.0/8
add 00300 set 0 deny ip from 127.0.0.0/8 to any
add 10000 set 0 allow udp from any 4672 to 192.168.44.2 dst-port 4672
add 10001 set 0 allow tcp from any 4662 to 192.168.44.2 dst-port 4662
add 10002 set 0 allow tcp from any 4711 to 192.168.44.2 dst-port 4711
add 65000 set 0 allow ip from any to any


shouldn't firewall_type=
not say something like :
firewall_type=client
or
firewall_type=open
as described in /etc/rc.firewall !?

In older version of FreeBSD (5.1) you had open, simple, unknown, client but if you wanted custom setting from file, you specified file with commands. I tried several other options, including Open (which my file is copied from, plus some added stuff), and whenever I start firewall, all network stops (is blocked). By definition open should allow everything, but in 5.3 it doesn't.

Andy


(assuming that your pasted firewall.conf content is
from /etc/firewall.conf)

_______________________________________________
freebsd-hackers@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-hackers
To unsubscribe, send any mail to "[EMAIL PROTECTED]"


**************************************************************************
*  Aleksander Rozman - Andy  * Fandoms:  E2:EA, SAABer, Trekkie, Earthie *
*     [EMAIL PROTECTED]     * Sentinel, BH 90210, True's Trooper,       *
*    [EMAIL PROTECTED]   * Heller's Angel, Questie, Legacy, PO5,     *
* Maribor, Slovenia (Europe) * Profiler, Buffy (Slayerete), Pretender    *
*     ICQ-UIC: 4911125       *********************************************
*     PGP key available      *    http://www.atechnet.dhs.org/~andy/    *
**************************************************************************

_______________________________________________
freebsd-hackers@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-hackers
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Reply via email to