similar to: ipfw: did i forget anything?

I seem to be stumped on this one. I have TCP packets destined to my external interface from 127.0.0.1 (Ack+Reset zero data) with source MAC of my default gateway and I can't seem to block this traffic. Snort picked up the traffic and I have confirmed with tcpdump. So I decided I needed to examine my anti-spoof rules. I already had this one deny ip from any to 127.0.0.0/8 in recv

Hi there, Is there some way to configure ipfw to do traffic normalizing ("scrubbing", as in ipf for OpenBSD)? Is there any tool to do it for FreeBSD firewalling? I've heard that ipf was ported on current, anything else? TIA, /Dorin. __________________________________ Do you Yahoo!? Yahoo! Mail SpamGuard - Read only the mail you want. http://antispam.yahoo.com/tools

I'm not a master of the internet RFCs, but I do believe icmp messages have different types. Now to enable traceroute for IPFW, I might put in a rule like this: ipfw add pass icmp from any to me However, how would I make a rule to limit icmp messages to just those used by traceroute? Can the messages be distinguished as such? A dynamic rule that exists only for the duration of a traceroute

The man page gives this example, however, when I attempt to use it, it seems to block the whole set? Could someone tell me what's going wrong here please. Thanks heaps.. This works, ${fwcmd} add deny log all from any to 203.1.96.1 in via ${oif} This blocks the whole IP block, not just the list? ${fwcmd} add deny log all from any to 203.1.96.0/24{2,6-25,27-154,156-19

Hi, first i must tell you, that my english is not the best, i hav learned my english from manpages and documentation. Please excuse this. I have setted up a Box w/FreeBSD 4.7-RELEASE for connecting to the w3 through an DSL/ATM-Connection. Now i know the stateful handling of firewall-rules under linux with iptables.In the second i have understand that FreeBSD comes with the netfilter-extensions.

Hi, > On Sat, Nov 20, 2004 at 01:32:15PM -0500, Francisco Reyes wrote: >> I have a grown list of IPs that I am "deny ip from ###.### to any". Infected machines, hackers, etc.. >> >> Is there a way to have this list outside of rc.firewall and just read it in? > from man ipfw LOOKUP TABLES Lookup tables are useful to handle large sparse address sets, typically

>Date: Sun, 23 Dec 2007 06:04:02 -0800 (PST) >From: Nash Nipples <trashy_bumper@yahoo.com> >To: freebsd-security@freebsd.org >Subject: Re: IPFW: Blocking me out. How to debug? > >Dear W.D. > >oh come on. i have the same problem. Which problem are we talking about? cut and paste problem. >cut and paste logic: > >#!/bin/sh >#1. count packets >#2.

Hi all, I need some guidance to get my problem fixed. I believe there is an issue with the ''nth'' patch from the patch-o-matic, which is labeled as status ''works''. I have tunnels back and forth across the internet, using ''nth'' to balance packets between different public networks (over the tunnels). I need to access some networks over two

Hi , this probably was asked many times before , but here it goes.. Until now i was using dsl_qos_queue - http://www.sonicspike.net/software/ Which limits outbound traffic and does packet priorites with iptables using MARKed packets.. works very well , I run a ftpserver + webserver so it''s usefull to set these 2 with lowest priority and my multiplayer gaming running on certain UDP ports

Dear syslinux list members, I'm a newbie on this list. I hope I don't offend anyone by being slightly off-topic. I had the problem of wanting multiple Linux distros (i.c. Debian, Ubuntu, OpenSuSE, SuSE, RedHat, CentOS, Fedora) installable from a single PXELinux menu, so I wrote a couple of scripts that do what is described below. The question is whether anyone would be interested in

https://bugzilla.netfilter.org/show_bug.cgi?id=1220 Bug ID: 1220 Summary: Reverse path filtering using "fib" needs better documentation Product: nftables Version: unspecified Hardware: All OS: All Status: NEW Severity: minor Priority: P5 Component: nft

I'm facing a problem with accessing a HTTPd (Apache) jail locally. Consider this jail scenario: /etc/hosts: 127.0.0.1 localhost foo.com 172.16.0.1 apache /etc/natd.conf: use_sockets yes same_ports yes unregistered_only yes redirect_port tcp 172.16.0.1:80 80 redirect_port tcp 172.16.0.1:443 443 /etc/firewall.sh ... ${fwcmd} add divert natd all from any to any via ${oif}(IPFW) ... rl0, my

https://bugzilla.netfilter.org/show_bug.cgi?id=884 Summary: the rule of TEE target with '--oif' option cannot be deleted. Product: iptables Version: 1.4.x Platform: i386 OS/Version: Fedora Status: NEW Severity: minor Priority: P5 Component: iptables AssignedTo:

https://bugzilla.netfilter.org/show_bug.cgi?id=1221 Bug ID: 1221 Summary: "fib" produces strange results with an IPv6 default route Product: nftables Version: unspecified Hardware: x86_64 OS: Debian GNU/Linux Status: NEW Severity: major Priority: P5

Hi, Two quick questions that I can't seem to find answers for using google. 1) is is possible to listen outside an ipfw firewall - that is have ethereal record the packets before ipfw starts dropping them? If so how? 2) Is there an api to ipfw that will let me manipulate rules, query stats etc? I need something faster than running the command line binary? Thanks John

Hi, I'm using kernel FreeBSD 10.0-BETA3 #2 r257635 kernel. I am trying to add port number to ipfw tables. But there is something strange : Problem is easily repeatable. #ipfw table 1 flush #ipfw table 1 add 4899 #ipfw table 1 list ::/0 0 #ipfw table 1 flush #ipfw table 1 add 10.2.3.01 ( not 10.0.0.1, the last 1 has 0 as prefix ) #ipfw table 1 list ::/0 0 #ipfw table 1 delete ::/0

This looks like a very cool feature addition to RELENG_7! Are there any performance penalties that you know of with this built in ? ---Mike At 09:13 PM 7/23/2008, Julian Elischer wrote: >julian 2008-07-24 01:13:22 UTC > > FreeBSD src repository > > Modified files: (Branch: RELENG_7) > contrib/pf/pfctl parse.y > lib/libc/sys

Hi, Is it possible to integrate SNORT with IPFW. I have an entire network behind an IPFW BRIDGE. Just need IDS capability enabled for the network. Just an hint is enough. Any other way I can achieve this in IPFW. -Sunil Sunder Raj

Hi all: Did any one use ipfw with CARP before? is there anything specific about ipfw configurations working with CARP? I have two servers and they configured with CARP. they are working fine except i can't turn on ipfw. I have the exact same configuration except ip addresses; those same rule sets of ipfw work on one server but not on another. Thanks all

Wohoo, finaly i could help Rowland :-p ;-) I follow this as guidance: 1 server ( all in one ) use RID, easy to setup etc, but .. If you go to ... Or have plans to.. 2 servers ( DC + a member ) use backend RID if you dont need access with a windows account to a shared home folder. ( cifs or nfs ) you use a dedicated local "linuxAdmin" for maintanace. ( often the first created