FreeBSD 5.1 <-> WinXP Networking Problem UPDATE #2

freebsder freebsder51 at yahoo.com
Sun Jul 18 00:55:12 PDT 2004 

  Hi Chuck,

Thanks for the suggestions.

First off - there was actually a typo in the line:
firewall_script="/etc/rc/firewall
I changed it to:
firewall_script="/etc/rc.firewall"

However, it made no difference to the WinXP box
ability to connect.

Next I tried commenting out that line altogether but
it still did not work(!)  It would not go online.

I then checked out rc.firewall asper you suggestion
and looked under OPEN ... This is what I found:::

############
# If you just configured ipfw in the kernel as a tool
to solve network
# problems or you just want to disallow some
particular kinds of traffic
# then you will want to change the default policy to
open.  You can also
# do this as your only action by setting the
firewall_type to ``open''.
#
#${fwcmd} add 65000 pass all from any to any


# Prototype setups.
#
case ${firewall_type} in
[Oo][Pp][Ee][Nn])
	setup_loopback
	${fwcmd} add 65000 pass all from any to any
	;;

[...]

Do you see a problem in this set-up?

I am considering setting it up in SIMPLE mode but I
want to be able to run the machine in OPEN mode before
I get too fancy with security and firewalls ... you
know?

Thanks again for you help ... please advise.


freebsder wrote:
> This is what I get:
> 
> # ipfw -a list
> 00100 49820 12066079 allow ip from any to any
> 00100     0        0 allow tcp from any to any
> 65535     2       96 deny ip from any to any
> 
> The Second and Third lines don't seem right..  What
do
> I need to do correct the problem here.

The line here:

 >>      firewall_script="/etc/rc/firewall"

...tells IPFW to use a config file that doesn't
contain enough useful 
rules.

Comment out that line, and examine /etc/rc.firewall
instead, and 
reboot.  Then 
take a look at the rules being loaded by the OPEN
firewall type, which 
should 
include a divert rule...

-- 
-Chuck



		
__________________________________
Do you Yahoo!?
Vote for the stars of Yahoo!'s next ad campaign!
http://advision.webevents.yahoo.com/yahoo/votelifeengine/

More information about the freebsd-questions mailing list