no keep-state and and unpredictable ssh connections
Michael Sierchio
kudzu at tenebras.com
Fri Jul 25 20:47:55 PDT 2003
Darren wrote:
> Hello freebsd-ipfw,
>
> I'm not using keep-state and yet ssh'ing into my FreeBSD 4.8-STABLE
> box does'nt happen every attempt, more like 1 attempt in every 15!
> Incoming ssh connection work fine when firewall is disabled.
>
> My ips obviously changed. This is my rc.firewall script.
>
> Greatly appreciate some guidance, i've read some docs, but am missing
> something.
Is this a firewall-router, or are you trying to protect the box itself?
(In other words, is $myip an address on this box?)
The ruleset could use some refactoring -- that's the polite word -- but
the direction depends on the answer to my question above.
> #!/bin/sh
>
> fwcmd="/sbin/ipfw"
> myip="11.11.203.114"
Uh, Darren, some burly guys with shaved heads and no necks are
going to be knocking on your door any minute now if you use that
address.
They were humorless before 9/11, think of how much fun they are now.
More information about the freebsd-ipfw
mailing list