ipf stopped working on 5.3
arne_woerner at yahoo.com
Tue Oct 25 13:27:35 PDT 2005
I think you should try to implement a pf-based and/or a ipfw-based
firewall (both works quite well for me) immediately, so that your
system is not so much endangered... This is just a workaround...
--- John Fitzgerald <jjfitzgerald at gmail.com> wrote:
> I've had ipf working on a few 5.3 servers for quite awhile. Not
> too long ago
> some developers had to do some coding work and were coming from
> IP's. I (reluctantly) opened up SSH to the world. Immediately I
> seeing the attacks where bots of some sort would try to break in
> with a
> variety of different users.
> So, I (thought) I closed it up again and told the developers to
> use a
> dedicated proxy. They did, but I realized that I hadn't actually
> things off. I was still getting attacked. I had tried, but ipf
> wasn't working. Whenever I would change the firewall rules and
> ipf -D and
> the ipf -E -f /etc/my.rules it would simply return:
> 1:ioctl(add/insert rule): No such process
> I didn't have the time to look into it at the time, but am now
> trying to
> figure it out. Ipf is obviously not working and I don't know
> why. I have
> tried recompiling the kernel a myriad of different ways.
> With/without ipfw,
> with/without ipsec, etc. All to no avail. Is this a bug, did I
> get hacked?
> I have googled this quite a bit and the only thing that I found
> was possibly
> a buildworld scenario where something got updated and it doesn't
> work now. I
> didn't install src so I'm a bit out of luck on that one.
> FreeBSD 5.3-RELEASE
> OpenSSH_3.8.1p1 FreeBSD-20040419, OpenSSL 0.9.7d 17 Mar 2004
> freebsd-security at freebsd.org mailing list
> To unsubscribe, send any mail to
> "freebsd-security-unsubscribe at freebsd.org"
Yahoo! Mail - PC Magazine Editors' Choice 2005
More information about the freebsd-security