On 2006-10-12 01:31, Spiros Papadopoulos <[EMAIL PROTECTED]> wrote: >On 12/10/06, Giorgos Keramidas <[EMAIL PROTECTED]> wrote: >> ,---------------------------------------------------------------- >> | [EMAIL PROTECTED]:/home/giorgos$ su - >> | Password: ******** >> | [EMAIL PROTECTED]:/root# ipfw -d show >> | 00050 168 30828 allow ip from any to any via lo0 >> | 00100 0 0 deny ip from any to 127.0.0.0/8 >> | 00150 0 0 deny ip from 127.0.0.0/8 to any >> | 00200 0 0 check-state >> | 00210 881 129402 allow tcp from me to any setup keep-state >> | 00211 8 965 allow udp from me to any keep-state >> | 00212 0 0 allow icmp from any to me icmptypes 0,3,4,11 >> | 00212 0 0 allow icmp from me to any >> | 00250 0 0 allow udp from 10.6.0.131 to any dst-port 53 out via re0 >> | 00251 0 0 allow udp from any to 10.6.0.131 dst-port 53 in via re0 >> | 00300 649 92691 allow log logamount 5 tcp from any to any dst-port 22 >> keep-state >> | 65535 154 35966 deny ip from any to any >> | ## Dynamic rules (12): >> | [EMAIL PROTECTED]:/root# >> `---------------------------------------------------------------- >> >> The only changes I made are: >> >> * Use 'any' instead of xx.xxx.x.xx as the UDP address. >> >> * Change ${ip} to my own address >> >> * Change ${nic} to my own interface name >> >> I can connect to other hosts and ssh back into my workstation >> with this ruleset :-/ >> >> Sorry, but I'm not sure why in your case this fails to work. > > Now this is strange. I will try again tomorrow evening more > carefully and i will post any results. > > Initially i sent the mail because of the failure to su as root > (as described also in that post i referenced) after i was > logging in as normal user canonically. So it was working as you > said. But can you su to root after connecting?
Yes. See above. The `ipfw -d show' command shown there was after I looped using SSH from my workstation to another system and back again. > Sorry i will not be able to reply again tonight No problem. Take your time. There is definitely a logical explanation why this is happening, even if that explanation is `there is a bug in ipfw and 5.4' :) _______________________________________________ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"