IPFW strange events
bsdnewbie at coolarrow.com
Sat Nov 1 08:55:37 PST 2003
This is occurring on a 4.8-RELEASE server using IPFW2...
I have numerous rules that block bogus networks... one of which is:
ipfw add 0104 deny log ip from 126.96.36.199/3 to any
And I know it's working because using "ipfw list" I get:
00104 deny log ip from 188.8.131.52/3 to any
Whenever that rule is active, it's blocking packets - "ipfw show":
00104 21 1148 deny log ip from 184.108.40.206/3 to any
Various services stop working... so I look at /var/log/security and see NUMEROUS entries such as this:
Nov 1 10:30:00 server /kernel: ipfw: 104 Deny TCP 127.0.0.1:1051 127.0.0.1:80 out via lo0
Now I don't see anything in the rule about the localhost address, yet that's what it's blocking. But a little bit ahead of that rule, I do have this one:
ipfw add 082 divert natd all from any to any via fxp0
Would it help to put all the bogus network deny rules ahead of the divert rule?
More information about the freebsd-questions