RE: ipf stopped working on 5.3
From: Chris Odell (list_at_rsnnv.com)
Date: 10/25/05
- Previous message: Fernando Gleiser: "Re: ipf stopped working on 5.3"
- In reply to: John Fitzgerald: "ipf stopped working on 5.3"
- Next in thread: John Fitzgerald: "Re: ipf stopped working on 5.3"
- Reply: John Fitzgerald: "Re: ipf stopped working on 5.3"
- Reply: Nathan Goulding: "Re: ipf stopped working on 5.3"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: "'John Fitzgerald'" <jjfitzgerald@gmail.com>, <freebsd-security@FreeBSD.org> Date: Tue, 25 Oct 2005 14:28:09 -0700
I had this same problem and found out there is a parimeter that needs to
be added to the kernel config that was not needed previously. When I get
back to my office, I will look it up and send it to you.
Chris Odell
-----Original Message-----
From: owner-freebsd-security@freebsd.org
[mailto:owner-freebsd-security@freebsd.org] On Behalf Of John Fitzgerald
Sent: Tuesday, October 25, 2005 10:33 AM
To: freebsd-security@FreeBSD.org
Subject: ipf stopped working on 5.3
I've had ipf working on a few 5.3 servers for quite awhile. Not too long ago
some developers had to do some coding work and were coming from dynamic
IP's. I (reluctantly) opened up SSH to the world. Immediately I started
seeing the attacks where bots of some sort would try to break in with a
variety of different users.
So, I (thought) I closed it up again and told the developers to use a
dedicated proxy. They did, but I realized that I hadn't actually closed
things off. I was still getting attacked. I had tried, but ipf suddenly
wasn't working. Whenever I would change the firewall rules and ipf -D and
the ipf -E -f /etc/my.rules it would simply return:
1:ioctl(add/insert rule): No such process
I didn't have the time to look into it at the time, but am now trying to
figure it out. Ipf is obviously not working and I don't know why. I have
tried recompiling the kernel a myriad of different ways. With/without ipfw,
with/without ipsec, etc. All to no avail. Is this a bug, did I get hacked?
I have googled this quite a bit and the only thing that I found was possibly
a buildworld scenario where something got updated and it doesn't work now. I
didn't install src so I'm a bit out of luck on that one.
FreeBSD 5.3-RELEASE
OpenSSH_3.8.1p1 FreeBSD-20040419, OpenSSL 0.9.7d 17 Mar 2004
Cheers,
JJ
_______________________________________________
freebsd-security@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"
_______________________________________________
freebsd-security@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"
- Previous message: Fernando Gleiser: "Re: ipf stopped working on 5.3"
- In reply to: John Fitzgerald: "ipf stopped working on 5.3"
- Next in thread: John Fitzgerald: "Re: ipf stopped working on 5.3"
- Reply: John Fitzgerald: "Re: ipf stopped working on 5.3"
- Reply: Nathan Goulding: "Re: ipf stopped working on 5.3"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
