Correct syntax for ipfw to allow local traffic?

Johan Paul mailing-lists at johanpaul.com
Wed Aug 27 05:48:51 PDT 2003


>>  /sbin/ipfw -q add 00001 allow ip from 127.0.0.1 to 127.0.0.1 via lo0
>
> This won't help. He already allows "any to any via lo0".
> Anyway, it's not the firewall logging these "Connection attempt to" lines
> to /var/log/messages. What happens here is some process tries to make a
> connection on a port where no other process is listening. There can be many
> reasons for this. If you don't want to see these messages anymore put the
> line
>
> net.inet.tcp.log_in_vain=0
>
> in /etc/sysctl.conf

Aah, thanks!! I thought of this myself too after I noticed that the above
line didn't work either. The port 2000 that the process tries to connect
to is, I think, the Sieve port. I am not running Sieve which would explain
the situation. Well, it seems that the firewall is working properly after
all which is the most important thing.

>
> Ruben


--
Johan
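Before turning net.inet.tcp.log_in_vain off, it can help to see which closed ports the "Connection attempt to" lines refer to and whether the sender is local or remote. The following is an added example, not part of either poster's message: the function names are hypothetical, the sample log lines are constructed, and the line layout after "Connection attempt to" (protocol, destination address:port, "from", source address:port) is an assumption about how the kernel writes these messages.

```shell
#!/bin/sh
# Constructed sample of /var/log/messages content (not taken from the thread).
sample_log() {
cat <<'EOF'
Aug 27 05:40:01 host /kernel: Connection attempt to TCP 127.0.0.1:2000 from 127.0.0.1:1047
Aug 27 05:40:31 host /kernel: Connection attempt to TCP 127.0.0.1:2000 from 127.0.0.1:1049
Aug 27 05:41:02 host /kernel: Connection attempt to UDP 192.0.2.10:137 from 192.0.2.77:137
Aug 27 05:41:09 host sshd[312]: Accepted publickey for admin from 192.0.2.5 port 4022 ssh2
Aug 27 05:41:31 host /kernel: Connection attempt to TCP 127.0.0.1:2000 from 127.0.0.1:1051 flags:0x02
EOF
}

# Read syslog lines on stdin and print "count proto dst_port origin",
# most frequent first. Lines without a log_in_vain message are ignored.
summarize_in_vain() {
    awk '
    {
        # Locate the message wherever the syslog prefix ends.
        for (i = 1; i <= NF - 6; i++) {
            if ($i == "Connection" && $(i+1) == "attempt" &&
                $(i+2) == "to" && $(i+5) == "from") {
                proto = $(i+3); dst = $(i+4); src = $(i+6)
                n = split(dst, d, ":"); port = d[n]   # port follows the last colon
                sub(/:[0-9]+$/, "", src)              # strip the source port
                origin = (src == "127.0.0.1" || src == "::1") ? "local" : "remote"
                count[proto " " port " " origin]++
                break
            }
        }
    }
    END { for (k in count) print count[k], k }
    ' | sort -k1,1nr -k2
}

# Demo on the constructed sample; on a real host: summarize_in_vain < /var/log/messages
sample_log | summarize_in_vain
```

A "local" row, like the port 2000 case discussed above, points at a process on the same machine; "remote" rows are the ones worth reviewing before the logging is silenced.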



More information about the freebsd-questions mailing list