Re: Kernel Update / IPFW not working

2011-03-06 Thread Michael Scheidell 
Might be an ipv6 issue.  Try divert ipv4 not ip.

--
Michael Scheidell
CTO SECNAP Network Security
561-948-2259tel:5619482259


-Original message-
From: Dave Johnson ctfree...@gmail.com
To: freebsd-i...@freebsd.org freebsd-i...@freebsd.org, 
freebsd-stable@freebsd.org freebsd-stable@freebsd.org
Sent: Sun, Mar 6, 2011 14:56:12 GMT+00:00
Subject: Kernel Update / IPFW not working

Hi all


An IPFW problem when going from release to stable on 8.2

An help gladly accepted

LOG ON

Flushed all rules.
00010 allow ip from 127.0.0.1 to 127.0.0.1 via lo0
00030 divert 8668 ip from any to any via bge0
ipfw: getsockopt(IP_FW_ADD): Invalid argument
5 allow ip from any to any
Firewall rules loaded.
Starting natd.

rc.conf
defaultrouter=192.168.0.1
gateway_enable=YES
hostname=xxx.xxx.xxx
ifconfig_bge0=inet 192.168.0.11 netmask 255.255.255.0
ifconfig_em0=inet 192.168.1.2 netmask 255.255.255.0
keymap=us.iso
moused_enable=YES
sshd_enable=YES
firewall_enable=YES
firewall_script=/etc/rc.firewall
natd_program=/sbin/natd
natd_enable=YES
natd_interface=bge0
natd_flags=-f /etc/natd.conf
dhcpd_enable=NO
dhcpd_flags=-q
dhcpd_conf=/usr/local/etc/dhcpd.conf
dhcpd_ifaces=em0
dhcpd_withumask=022

natd.conf

interface bge0
use_sockets yes
same_ports yes
log
#redirect_port tcp 192.168.1.189:3389 3389
#redirect_port tcp 192.168.1.53:5500 5500

#!/bin/sh

/sbin/ipfw -f flush
/sbin/ipfw -f pipe flush



#Nat Rules
/sbin/ipfw add 10 allow ip from 127.0.0.1 to 127.0.0.1 via lo0
/sbin/ipfw add 30 divert natd all from any to any via bge0


#Forward to Transparent Proxy Server
#/sbin/ipfw add 10001 fwd 127.0.0.1,3128 tcp from any to any 80
#/sbin/ipfw add 10010 fwd 127.0.0.1,3128 tcp from 10.0.21.2 to any 80

/sbin/ipfw add 10001 fwd 127.0.0.1,3128 tcp from any to any 80


/sbin/ipfw add 5 allow ip from any to any

KERNEL

options IPFIREWALL
options IPFIREWALL_VERBOSE
options IPFIREWALL_VERBOSE_LIMIT=5
options IPFIREWALL_DEFAULT_TO_ACCEPT
options IPDIVERT
options DUMMYNET

Regards
___
freebsd-i...@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-ipfw
To unsubscribe, send any mail to freebsd-ipfw-unsubscr...@freebsd.org
___
freebsd-stable@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to freebsd-stable-unsubscr...@freebsd.org

Re: Clockwork 24 hour crash in 4.5-RELEASE-p5

2002-06-04 Thread Michael Scheidell 


- Original Message -
From: Oliver Crow [EMAIL PROTECTED]
Newsgroups: local.freebsd.stable
Sent: Sunday, June 02, 2002 4:05 PM
Subject: Re: Clockwork 24 hour crash in 4.5-RELEASE-p5



 On Sun, 2 Jun 2002, mikea wrote:

  On Sat, Jun 01, 2002 at 08:37:21PM -0700, Oliver Crow wrote:
  
   I have a FreeBSD 4.5-p5 system that's crashing reliably every 24 hours
+/-
   a few minutes.  It's been doing this ever since I compiled a 4.5-p4
kernel
   on March 25th.  I cvsup'd to 4.5-p5 and recompiled, but it's still
   crashing.

Interesting story but true:

A few years back, a client of ours had a z80 based mpm based system with
three vt100 terminals.
SOMETIME AROUND 5:00PM, EACH DAY (give or take a fews mins) the vt100
terminal on the main system blinked a little and the whols system crashed,
locking out whatever anyone was doing on the other two as well.

They were on a ups, they were on surgr suppressors, the serial cables were
clean, eiii specs, we slowd down the baud rate, still happened.

guess what:  there was a postage meter (read BIG MF MAGNET) on the other
side of the wall.
5pm, just before going home, the receptionist whould 'ch-chunk' about 40
letters.

--
Michael Scheidell
SECNAP Network Security, LLC
(561) 368-9561 [EMAIL PROTECTED]
http://www.secnap.net

 
  Either I'm missing data showing the crash time, or you didn't
  include it. When does this crash happen? Is it during a burst
  of cron-spawned activity?

 It doesn't crash during a burst of cron activity, no.  It doesn't occur at
 exactly the same time each day, it moves around by a few minutes each
 time.  If you reboot manually it'll crash at the same time the next day
 (ie, 24 hours after the reboot).

 Here's the log of reboots during April.  You see it crashed every day
 between the first and the 16th.  Then it didn't crash for 10 days.  I
 rebooted manually on the 26th at 20:19, and it started crashing every
 day again.

 # last -f /var/log/wtmp.1 reboot
 reboot   ~ Tue Apr 30 20:17
 reboot   ~ Mon Apr 29 20:17
 reboot   ~ Sun Apr 28 20:19
 reboot   ~ Sat Apr 27 20:19
 reboot   ~ Fri Apr 26 20:19
 reboot   ~ Fri Apr 26 19:49
 reboot   ~ Tue Apr 16 11:10
 reboot   ~ Tue Apr 16 11:03
 reboot   ~ Mon Apr 15 18:33
 reboot   ~ Sun Apr 14 18:37
 reboot   ~ Sat Apr 13 18:41
 reboot   ~ Fri Apr 12 18:45
 reboot   ~ Thu Apr 11 18:48
 reboot   ~ Thu Apr 11 18:00
 reboot   ~ Tue Apr  9 19:50
 reboot   ~ Mon Apr  8 19:54
 reboot   ~ Sun Apr  7 19:58
 reboot   ~ Sat Apr  6 19:00
 reboot   ~ Fri Apr  5 18:58
 reboot   ~ Thu Apr  4 18:58
 reboot   ~ Wed Apr  3 19:02
 reboot   ~ Tue Apr  2 19:00
 reboot   ~ Mon Apr  1 19:00



 To Unsubscribe: send mail to [EMAIL PROTECTED]
 with unsubscribe freebsd-stable in the body of the message

 ---


To Unsubscribe: send mail to [EMAIL PROTECTED]
with unsubscribe freebsd-stable in the body of the message