Re: strange problem with ipfw and rc.conf

From: Mikhail Goriachev <mikhailg@xxxxxxxxxxxxx>
Date: Fri, 27 Jan 2006 13:20:46 +1100

gahn wrote:
> Hi all:
>
> I have strange probelm with rc.conf. I set up ipfw
> (compiled into kernel) on freebsd-5.4 and it doesn't
> seem to load ipfw rulesets (it uses default ruleset
> 65335 locking out everything). I have to do "sh
> /etc/ipfw.rules" in order to load the rulesets, once I
> did that, I can access the box from remote locations
>
> [...]

> ipfilter_rules="/etc/ipf.rules"

Hi,

Your rc.conf looks for ipf.rules instead of ipfw.rules files. Adding the
missing "w" may solve your problem.

Mikhail.

--
Mikhail Goriachev
Systems Administrator
Naval Radio

Telephone: +61 (0)3 62252501
Mobile Phone: +61 (0)4 38255158
E-Mail: mikhailg@xxxxxxxxxxxxx
Web: http://www.navalradio.cl

PGP Key ID: 0x4E148A3B
PGP Key Fingerprint: D96B 7C14 79A5 8824 B99D 9562 F50E 2F5D 4E14 8A3B

Attachment:signature.asc
Description: OpenPGP digital signature

References:
- strange problem with ipfw and rc.conf
  - From: gahn

Prev by Date: Re: strange problem with ipfw and rc.conf
Next by Date: Re: strange problem with ipfw and rc.conf
Previous by thread: Re: strange problem with ipfw and rc.conf
Next by thread: Re: strange problem with ipfw and rc.conf
Index(es):
- Date
- Thread

Relevant Pages

Re: strange problem with ipfw and rc.conf
... I set up ipfw ... > (compiled into kernel) on freebsd-5.4 and it doesn't ... > seem to load ipfw rulesets (it uses default ruleset ... Mikhail Goriachev ...
(freebsd-questions)
Re: FreeBSD Gateway problems
... >speed connection for 3 years now, and I've just gotten it back. ... >Well all these other How-Tos I found on FreeBSDDiary.org told me all I needed ... To use ipfw adding these options to your kernel is a good place to start: ...
(freebsd-questions)
Re: natd -redirect_port
... > into the kernel. ... > IPFW is delivered as an bootable module. ... > You need this in rc.conf to enable ipfw, ...
(freebsd-questions)
Firewall and nmap
... I'm compiled a Kernel using the GENERIC config-file that ... So I flushed all rools for the firewall with ipfw flush (the still ... my kernel, ipfw -c list told me that this is true.) ... Anyway, nothing changes, all ports seem to be closed running nmap, ...
(freebsd-questions)
Re: [PATCH] ng_tag - new netgraph node, please test (L7 filtering possibility)
... For simple using, however, you don't need to bother all that details - just remember magic number and where to place it, and it is now simple for use with ipfw tags. ... Currently the only analyzing node in FreeBSD src tree is ng_bpf, but it merely splits incoming packets in two streams, matched and not. ... There are reasons to this, as netgraph needs to be modular, and each node does a small thing, but does it well. ... For long time ng_bpf was used for another purposes in the kernel, and now, as new ipfw features appeared, ng_tag came up for easy integration. ...
(freebsd-current)