Correct syntax for ipfw to allow local traffic?
life at zone3000.net
Wed Aug 27 04:48:55 PDT 2003
> Hi all,
> I have
> 00100 allow ip from any to any via lo0
> in my firewall script. But although I get lines like
> silakka /kernel: Connection attempt to TCP 127.0.0.1:2000 from
> into my messages log. It is just like the firewall although blocks local
> traffic. What should I add or modify to allow traffic via loopback and/or
> from and to 127.0.0.1 ?
/sbin/ipfw -q add 00001 allow ip from 127.0.0.1 to 127.0.0.1 via lo0
I usually configure the firewall in /etc/rc.firewall.
When I modify firewall rules on the remote servers I am responsible for, first I
make a copy of rc.firewall, say, rc.firewall.new and make all necessary
changes in _this_ file, then I run "shutdown -r +5min" and only after that
I execute /etc/rc.firewall.new
# nohup /etc/rc.firewall.new &
If it's alright and I'm still there on the server I just kill the shutdown
process, if not, the machine reboots with the old rules...
Best of luck!
> Johan Paul
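The reboot-as-fallback procedure described in the reply above, wrapped into a script as an added example that is not part of the original message. It assumes FreeBSD's shutdown(8) and pkill(1); the variables SHUTDOWN, CANCEL, GRACE_MIN and LOG and the function name try_ruleset are hypothetical names chosen here.

```shell
#!/bin/sh
# Added example, not from the original post: load a candidate ipfw ruleset
# under a scheduled fallback reboot.
# Assumptions: FreeBSD shutdown(8), which backgrounds itself, and pkill(1).
# SHUTDOWN, CANCEL, GRACE_MIN and LOG are hypothetical knobs of this script.
: "${SHUTDOWN:=shutdown}"
: "${CANCEL:=pkill -x shutdown}"
: "${GRACE_MIN:=5}"
: "${LOG:=/var/tmp/rc.firewall.new.log}"

# try_ruleset FILE
# Returns 0 = confirmed, reboot cancelled; 1 = not confirmed, reboot pending;
# 2 = candidate rejected, nothing armed; 3 = fallback reboot could not be armed.
try_ruleset() {
    candidate=$1
    [ -r "$candidate" ] || { echo "cannot read $candidate" >&2; return 2; }
    # Catch shell syntax errors before touching the live ruleset.
    sh -n "$candidate" 2>/dev/null || { echo "syntax error in $candidate" >&2; return 2; }

    # Arm the fallback first; refuse to continue without it.
    $SHUTDOWN -r "+$GRACE_MIN" >/dev/null 2>&1 || { echo "cannot schedule reboot" >&2; return 3; }

    # nohup lets the load finish even if the new rules cut this session.
    nohup sh "$candidate" </dev/null >"$LOG" 2>&1

    # Only an explicit "yes" typed over a working session cancels the reboot.
    # EOF or a hung session leaves it armed.
    printf 'New rules loaded. Type "yes" within %s minutes to keep them: ' "$GRACE_MIN"
    answer=
    read -r answer || true
    if [ "$answer" = "yes" ]; then
        $CANCEL && return 0
        echo "could not cancel reboot" >&2
    fi
    return 1
}

# When run as a script with one argument, test that file.
if [ "$#" -eq 1 ]; then try_ruleset "$1"; fi
```

Because /etc/rc.firewall itself is left unchanged, a reboot that is not cancelled brings the machine back up with the old rules.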