setting up ipfw
Jamie
jamie at gnulife.org
Tue Jul 1 17:50:17 PDT 2003
I am having a very difficult time setting up ipfw on a 4.8
installation. Was wondering if anyone might be able to shed some light on
this.
I followed the directions in the handbook, and I compiled a new kernel
with these options, ( am going for a deny all by default, open services
as necessary philosophy):
options IPFIREWALL
options IPFIREWALL_VERBOSE
options IPFIREWALL_VERBOSE_LIMIT=10
Upon rebooting, I was unable to access the machine from anywhere, which
is fine, because I have console access.
Output of ifconfig -a looks like this:
ifconfig -a
fxp0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
inet 200.88.54.93 netmask 0xffffff00 broadcast 200.88.54.255
inet6 fe80::203:47ff:fe77:8169%fxp0 prefixlen 64 scopeid 0x1
ether 00:03:47:77:81:69
media: Ethernet autoselect (100baseTX <full-duplex>)
status: active
lp0: flags=8810<POINTOPOINT,SIMPLEX,MULTICAST> mtu 1500
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 16384
inet6 ::1 prefixlen 128
inet6 fe80::1%lo0 prefixlen 64 scopeid 0x3
inet 127.0.0.1 netmask 0xff000000
ppp0: flags=8010<POINTOPOINT,MULTICAST> mtu 1500
sl0: flags=c010<POINTOPOINT,LINK2,MULTICAST> mtu 552
faith0: flags=8002<BROADCAST,MULTICAST> mtu 1500
the name of the machine is power.bar.com
I want to ssh in from another machine: foo.bar.com with IP address
200.88.34.12.
This is the rule I am adding:
ipfw add allow tcp from 200.88.34.12 to power.bar.com 22
It tells me it can't resolve power.bar.com!
So, I try:
ipfw add allow tcp from 200.88.34.12 to 200.88.54.93 22
It accepts the rule, but I still cannot connect from foo.bar.com.
Anyone have any ideas?
- Jamie
"A friend is someone who lets you have total freedom to be yourself."
More information about the freebsd-questions
mailing list