On 2006-08-26 20:31, J.D. Bronson [EMAIL PROTECTED] wrote:
At 07:59 PM 8/26/2006, you wrote:
I'd go for the simpler syntax of:
MYADDR:
! /sbin/ipf -y
well that didnt work either. what a pain. :(
tun0: Warning: /etc/ppp/ppp.linkup: ! /sbin/ipf -y: Invalid command
perhaps its
I got a full load of 6.1p4 installed and all built. I have pppoe and
ipfilter running almost perfect.
Clients can use the machine (as a router) and get out perfectly!
No issues with network performance at all. I am very pleased...until...
I found out that the router itself cant get out 100%.
On 2006-08-26 15:02, J.D. Bronson [EMAIL PROTECTED] wrote:
I got a full load of 6.1p4 installed and all built. I have
pppoe and ipfilter running almost perfect.
Clients can use the machine (as a router) and get out
perfectly! No issues with network performance at all. I am
very
At 03:40 PM 8/26/2006, Giorgos Keramidas wrote:
Don't show us the ipf.conf file you are using, but the output of:
% ipfstat -hni
% ipfstat -hno
Then we can really know what rules you have loaded in IP Filter.
# ipfstat -hni
2 @1 pass in quick on bge0 all keep state keep frags
#
At 04:05 PM 8/26/2006, J.D. Bronson wrote:
# ipfstat -hni
2 @1 pass in quick on bge0 all keep state keep frags
# ipfstat -hno
1 @1 pass out quick on bge0 all keep state keep frags
1 @2 pass out quick on tun0 proto tcp from any to any flags S/FSRPAU
keep state keep frags
1 @3 pass out quick
On 2006-08-26 16:05, J.D. Bronson [EMAIL PROTECTED] wrote:
At 03:40 PM 8/26/2006, Giorgos Keramidas wrote:
Don't show us the ipf.conf file you are using, but the output of:
% ipfstat -hni
% ipfstat -hno
Then we can really know what rules you have loaded in IP Filter.
#
At 05:07 PM 8/26/2006, Giorgos Keramidas wrote:
Weird. This doesn't seem ot include *ANY* block rules at all.
Is this a standard 6.1 installation, or do you have local IP Filter
modifications (like, for instance, a modified 'default' rule which
blocks everything, instead of allowing
On 2006-08-26 17:10, J.D. Bronson [EMAIL PROTECTED] wrote:
At 05:07 PM 8/26/2006, Giorgos Keramidas wrote:
Weird. This doesn't seem ot include *ANY* block rules at all.
Is this a standard 6.1 installation, or do you have local IP Filter
modifications (like, for instance, a modified
At 05:19 PM 8/26/2006, Giorgos Keramidas wrote:
You are implicitly blocking all traffic on the lo0 interface (by the
modified default policy to block all traffic, and missing an explicit
rule to allow lo0 traffic).
When a system tries to connect to itself, it uses lo0/127.0.0.1 and this
is not
On Saturday, August 26, 2006 at 8:02:10 PM, J.D. confabulated:
I got a full load of 6.1p4 installed and all built. I have pppoe and
ipfilter running almost perfect.
Clients can use the machine (as a router) and get out perfectly!
No issues with network performance at all. I am very
On 2006-08-26 17:48, J.D. Bronson [EMAIL PROTECTED] wrote:
At 05:19 PM 8/26/2006, Giorgos Keramidas wrote:
You are implicitly blocking all traffic on the lo0 interface (by the
modified default policy to block all traffic, and missing an
explicit rule to allow lo0 traffic).
When a system tries
At 06:37 PM 8/26/2006, Giorgos Keramidas wrote:
Cool! If this is indeed the fix, let us know :)
If you also feel like it and you are not limited by contract or
other things, I'd be interested to see how you modified IP Filter
to make it use a block by default policy.
Regards,
Giorgos
This
On 2006-08-26 18:52, J.D. Bronson [EMAIL PROTECTED] wrote:
At 06:37 PM 8/26/2006, Giorgos Keramidas wrote:
Cool! If this is indeed the fix, let us know :)
If you also feel like it and you are not limited by contract or
other things, I'd be interested to see how you modified IP Filter
to
Ok guys...now that I have ipfilter working...I need to run a few
commands in /etc/ppp/ppp;linkup and cant figure out the syntax...
% cat /etc/ppp/ppp.linkup
# It is no longer necessary to re-add the default route here as our
MYADDR:
! sh -c /sbin/ipnat -CF -f /etc/ipnat.conf
! sh -c
On 2006-08-26 19:46, J.D. Bronson [EMAIL PROTECTED] wrote:
Ok guys...now that I have ipfilter working...I need to run a few
commands in /etc/ppp/ppp;linkup and cant figure out the syntax...
% cat /etc/ppp/ppp.linkup
# It is no longer necessary to re-add the default route here as our
MYADDR:
At 07:59 PM 8/26/2006, you wrote:
I'd go for the simpler syntax of:
MYADDR:
! /sbin/ipf -y
well that didnt work either. what a pain. :(
tun0: Warning: /etc/ppp/ppp.linkup: ! /sbin/ipf -y: Invalid command
perhaps its time to write a script and simply reference the script
from
16 matches
Mail list logo
