ipfilter on 6.1
Giorgos Keramidas
keramida at ceid.upatras.gr
Sat Aug 26 22:07:45 UTC 2006
On 2006-08-26 16:05, "J.D. Bronson" <jbronson at wixb.com> wrote:
> At 03:40 PM 8/26/2006, Giorgos Keramidas wrote:
>
> >Don't show us the ipf.conf file you are using, but the output of:
> >
> > % ipfstat -hni
> > % ipfstat -hno
> >
> >Then we can really know what rules you have loaded in IP Filter.
>
>
> # ipfstat -hni
> 2 @1 pass in quick on bge0 all keep state keep frags
>
> # ipfstat -hno
> 1 @1 pass out quick on bge0 all keep state keep frags
> 1 @2 pass out quick on tun0 proto tcp from any to any flags S/FSRPAU
> keep state keep frags
> 1 @3 pass out quick on tun0 proto udp from any to any keep state keep frags
> 0 @4 pass out quick on sppp0 proto icmp from any to any keep state keep
> frags
>
> ...they seem to match exactly.
Weird. This doesn't seem ot include *ANY* block rules at all.
Is this a standard 6.1 installation, or do you have local IP Filter
modifications (like, for instance, a modified 'default' rule which
blocks everything, instead of allowing everything)?
More information about the freebsd-questions
mailing list