ipf stopped working on 5.3

Nathan Goulding nathan.goulding at gmail.com
Tue Oct 25 15:35:26 PDT 2005


ipf: IP Filter: v3.4.35 (336)
Kernel: IP Filter: v3.4.35
Running: yes
Log Flags: 0 = none set
Default: pass all, Logging: available
Active list: 0

Though it does show it as active, it won't process any rules.

-JJ

On 10/25/05, Chris Odell <list at rsnnv.com> wrote:
>
>
> I had this same problem and found out there is a parameter that needs to
> be added to the kernel config that was not needed previously. When I get
> back to my office, I will look it up and send it to you.
>
> Chris Odell
>
> -----Original Message-----
> From: owner-freebsd-security at freebsd.org
> [mailto:owner-freebsd-security at freebsd.org] On Behalf Of John Fitzgerald
> Sent: Tuesday, October 25, 2005 10:33 AM
> To: freebsd-security at FreeBSD.org
> Subject: ipf stopped working on 5.3
>
> I've had ipf working on a few 5.3 servers for quite a while. Not too long
> ago some developers had to do some coding work and were coming from dynamic
> IPs. I (reluctantly) opened up SSH to the world. Immediately I started
> seeing the attacks where bots of some sort would try to break in with a
> variety of different users.
>
> So, I (thought) I closed it up again and told the developers to use a
> dedicated proxy. They did, but I realized that I hadn't actually closed
> things off. I was still getting attacked. I had tried, but ipf suddenly
> wasn't working. Whenever I would change the firewall rules and ipf -D and
> then ipf -E -f /etc/my.rules it would simply return:
>
> 1:ioctl(add/insert rule): No such process
>
> I didn't have the time to look into it at the time, but am now trying to
> figure it out. Ipf is obviously not working and I don't know why. I have
> tried recompiling the kernel a myriad of different ways. With/without
> ipfw, with/without ipsec, etc. All to no avail. Is this a bug, did I get hacked?
>
> I have googled this quite a bit and the only thing that I found was
> possibly a buildworld scenario where something got updated and it doesn't
> work now. I didn't install src so I'm a bit out of luck on that one.
>
> FreeBSD 5.3-RELEASE
> OpenSSH_3.8.1p1 FreeBSD-20040419, OpenSSL 0.9.7d 17 Mar 2004
>
> Cheers,
> JJ
> _______________________________________________
> freebsd-security at freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-security
> To unsubscribe, send any mail to "freebsd-security-unsubscribe at freebsd.org"
>

