Ok, i put these rules:
pass in quick on ep0 all
pass out quick on ep0 all
pass in quick on ep1 all
pass out quick on ep1 all
pass in quick on lo0 all
pass out quick on lo0 all
and the firewall have now acess to the internet, so the problem is with my ipf.rules
rules!!
my nat rules are:
map
Yes, i change my rc.conf already!! when i put my ipf.rules with pass in/out in all
interfaces , i have internet ,but whith my rules i dont, so the problem have to be in
dhcp traffic, this rule i put pass in quick on ep1 proto udp from any to any port =
68 keep state keep frags will be
Hey guys, i have a weird problem , that i'm trying to resolve! My network is: a cable
modem connected to the first NIC and the second NIC connected to the switch, and i
decide to reinstall freebsd on my gateway and put new ipf.rules but after i put the
new rules, i dont have access to the
I forgot to say the options i put when i recompile the kernel:
options IPFILTER
options IPFILTER_LOG
options IPFILTER_DEFAULT_BLOCK
options RANDOM_IP_ID
___
[EMAIL PROTECTED] mailing list
block in log all
block out log all
You don't need these since you used IPFITLER_DEFAULT_BLOCK (per your last
message). If you want to log blocked traffic, add
block in log quick on ep1 all
at the end of your rules for that interface.
You may want to try setting all interfaces to pass in/out
I try and change my ruleset for
pass in all
pass out all
and i reboot the machine, and i haven't internet access anyway, so, i say something
wrong, i dont have internet probably since i re-compile my kernel, so
IPFILTER_DEFAULT_BLOCK can be making all this trouble to me?! and not the rules,
Sorry that another post, but i release that i commented these options in my kernel
configuration:
# pseudo-device gif
# pseudo-device faith
# pseudo-device bpf
and these barkeley packet filtering related i read somewhere that interefears in DHCP
server/client, anyone can say if it can be
You need bpf for IP Filter to work!! You can leave gif and faith commented
out.
- Original Message -
From: geek [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Friday, August 15, 2003 6:21 PM
Subject: RE: Gateway problemas
Sorry that another post, but i release that i commented
My bad, I meant you need bpf for dhclient to work.
- Original Message -
From: Mike Maltese [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Cc: geek [EMAIL PROTECTED]
Sent: Friday, August 15, 2003 7:03 PM
Subject: Re: Gateway problemas
You need bpf for IP Filter to work!! You can leave gif
Yeah, i recompile my kernel with bpf and now pf is working, but it just works with the
rules pass in quick all / pass ou quick all, with the rules i post here first, it
doesnt work, so, it's something wrong in my ruleset :(
___
[EMAIL PROTECTED]
quick on ep1 all
pass in quick on lo0 all
pass out quick on lo0 all
Use this ruleset until you have full connectivity, then go from there!
- Original Message -
From: geek [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Friday, August 15, 2003 7:50 PM
Subject: RE: Gateway problemas
Yeah, i
I can't ping the outside world from my gateway, and dont have any type of acess from
my gateway!!
pass in quick on ep0 all
pass out quick on ep0 all
pass in quick on ep1 all
pass out quick on ep1 all
pass in quick on lo0 all
pass out quick on lo0 all
i put these rules, and then the rest of
look like?
- Original Message -
From: geek [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Sent: Friday, August 15, 2003 8:48 PM
Subject: RE: Gateway problemas
I can't ping the outside world from my gateway, and dont have any type of
acess from my gateway!!
pass in quick on ep0 all
pass out quick
13 matches
Mail list logo
