ipfw keep-state (ASAP anwser need)
Gregory Edigarov
greg at profi.kharkov.ua
Tue Dec 9 02:23:04 PST 2003
Hello,
The folowing is a fragment of my rc.firewall which must
allow all
traffic in and out of my named.
----
ipfw add 4100 allow udp from me to any 53 keep-state
ipfw add 4200 allow udp from any to me 53
ipfw add 4300 allow udp from me 53 to any
---
This is a fragment from my kernel configuration:
---
options IPFIREWALL #firewall
options IPFIREWALL_VERBOSE #enable logging to syslogd(8)
options IPFIREWALL_FORWARD #enable transparent proxy support
options IPFIREWALL_VERBOSE_LIMIT=100 #limit verbosity
options IPDIVERT #divert sockets
options IPSTEALTH
options ICMP_BANDLIM
options DUMMYNET
options BRIDGE
options IPFW2
---
It doesn't work. What am I missing?
--
With best regards,
Gregory Edigarov
------------------------------------------------------------------------------
profi.kharkov.ua Systems Administrator
------------------------------------------------------------------------------
More information about the freebsd-ipfw
mailing list