System: FreeBSD (i386 ver. 5.4) using latest version of webmin.
If you choose "Activate at boot" then the script /etc/webmin/init/
webmin-ipfilter.sh is added to /etc/rc.local and /etc/rc.shutdown.
Inside that script, the syntax for the command is wrong.
/sbin/ipfstat -F a
But ipfstat doesn't allow any "-F" option (at least in FreeBSD), so it
shows an error on startup.
When adding a new rule with a "Packet source -> Hostname or
address" that has an ip address that has a network prefix (example
192.168.1.0/24) using webmin (with Safari in Mac OS X at least), it
gets added in a strange way that ruins the syntax of the ipf rules file,
and prevents ipf from starting at all.
Try to add rule
"pass in quick on fxp0 from 192.168.1.0/24 to any"
using the GUI and it gets entered in the ipf.conf file as:
"pass in quick on fxp0 from 192.168.1.0 / 24 to any"
(space either side of the slash)
Log in to post a comment.