phantom rules
Gareth de Vaux
bsd at lordcow.org
Thu Sep 9 13:56:19 UTC 2010
Hi all, for some reason these rules get loaded on boot up before the
ones I specify in a file:
00100 0 0 allow ip from any to any via lo0
00200 0 0 deny ip from any to 127.0.0.0/8
00300 0 0 deny ip from 127.0.0.0/8 to any
00400 0 0 deny ip from any to ::1
00500 0 0 deny ip from ::1 to any
00600 0 0 allow ipv6-icmp from :: to ff02::/16
00700 0 0 allow ipv6-icmp from fe80::/10 to fe80::/10
00800 0 0 allow ipv6-icmp from fe80::/10 to ff02::/16
00900 0 0 allow ipv6-icmp from any to any ip6 icmp6types 1
01000 0 0 allow ipv6-icmp from any to any ip6 icmp6types 2,135,136
I just flush this manually but how do I stop the behaviour properly?
My rc.conf entries:
firewall_enable="YES"
firewall_type="/usr/local/etc/firewall"
firewall_logging="YES"
More information about the freebsd-ipfw
mailing list