I have FreeBSD 5.1 installed with ipfilter compiled into the kernel with
As you can see, I have configured the box as a bridge so the NICs have no
In /etc/sysctl.conf I have added:
In /etc/rc.conf I added:
I have updated my ports as the install man told me at "www.fwbuilder.org"
and followed what they wrote about installing on FreeBSD 5.1.
I used ports to install libfwbuilder and fwbuilder. No errors!
After install I typed "fwbuilder" and it started with no errors.
I do a "insert" "firewall"
Call it "test"
Under OS I choose: FreeBSD
and under software I choose: ipfilter
When asked if firewall runs SNMP I choose "manual"
Under interfaces the "lo0" (127.0.0.1) has already been chosen.
I add "xl0" and "xl1" with "unnumbered interface" because I run the box as
a bridge and therefore no IP addresses.
When that is done, I add a "deny" rule to both "xl0" and "xl1" and apply
I also "compile" the rules and get no errors.
The BIG problem is that NO rules are active. All traffic runs through!
I then vi /etc/ipf.rules and add:
block in all
block out all
When I then go to the commandline and write:
ipf -Fa -f /etc/ipf.rules
All traffic is blocked!!
What is going on??!!
Thanks for your time.
On Monday, 2004-02-16 at 10:31:47 +0100, lv@... wrote:
> I do a "insert" "firewall"
> Call it "test"
> When that is done, I add a "deny" rule to both "xl0" and "xl1" and apply
> them both.
> I also "compile" the rules and get no errors.
> The BIG problem is that NO rules are active. All traffic runs through!
Did you run ./test.fw at all?
> I then vi /etc/ipf.rules and add:
> block in all
> block out all
What was in that file before?
| lupe@... | http://www.lupe-christoph.de/ |
| "Violence is the resort of the violent" Lu Tze |
| "Thief of Time", Terry Pratchett |