Re: ipf stopped working on 5.3

From: Nathan Goulding (nathan.goulding_at_gmail.com)
Date: 10/26/05

    Date: Tue, 25 Oct 2005 18:35:25 -0400
    To: list@rsnnv.com
    
    

    ipf: IP Filter: v3.4.35 (336)
    Kernel: IP Filter: v3.4.35
    Running: yes
    Log Flags: 0 = none set
    Default: pass all, Logging: available
    Active list: 0

    Though it does show it as active, it won't process any rules.

    -JJ

    On 10/25/05, Chris Odell <list@rsnnv.com> wrote:
    >
    >
    > I had this same problem and found out there is a parameter that needs to
    > be added to the kernel config that was not needed previously. When I get
    > back to my office, I will look it up and send it to you.
    >
    > Chris Odell
    >
    > -----Original Message-----
    > From: owner-freebsd-security@freebsd.org
    > [mailto:owner-freebsd-security@freebsd.org] On Behalf Of John Fitzgerald
    > Sent: Tuesday, October 25, 2005 10:33 AM
    > To: freebsd-security@FreeBSD.org
    > Subject: ipf stopped working on 5.3
    >
    > I've had ipf working on a few 5.3 servers for quite awhile. Not too long ago
    > some developers had to do some coding work and were coming from dynamic
    > IP's. I (reluctantly) opened up SSH to the world. Immediately I started
    > seeing the attacks where bots of some sort would try to break in with a
    > variety of different users.
    >
    > So, I (thought) I closed it up again and told the developers to use a
    > dedicated proxy. They did, but I realized that I hadn't actually closed
    > things off. I was still getting attacked. I had tried, but ipf suddenly
    > wasn't working. Whenever I would change the firewall rules and ipf -D and
    > then ipf -E -f /etc/my.rules it would simply return:
    >
    > 1:ioctl(add/insert rule): No such process
    >
    > I didn't have the time to look into it at the time, but am now trying to
    > figure it out. Ipf is obviously not working and I don't know why. I have
    > tried recompiling the kernel a myriad of different ways. With/without ipfw,
    > with/without ipsec, etc. All to no avail. Is this a bug, did I get hacked?
    >
    > I have googled this quite a bit and the only thing that I found was possibly
    > a buildworld scenario where something got updated and it doesn't work now. I
    > didn't install src so I'm a bit out of luck on that one.
    >
    > FreeBSD 5.3-RELEASE
    > OpenSSH_3.8.1p1 FreeBSD-20040419, OpenSSL 0.9.7d 17 Mar 2004
    >
    > Cheers,
    > JJ
    > _______________________________________________
    > freebsd-security@freebsd.org mailing list
    > http://lists.freebsd.org/mailman/listinfo/freebsd-security
    > To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"

