From: RYAN M. v. G. <lu...@co...> - 2007-07-19 21:04:57
Hello all,

I am having problems with the ipf module. I have the following lines in my rc.conf and see that Webmin added a line to the rc.conf also. If I comment out the line, I get errors in the messages log complaining that the line is not present. This is really messing up my firewall, as it does not seem to be blocking anything unless I apply the rules manually with this command:

    ipf -Fa -f /etc/ipf.rules

    # FIREWALLS
    gateway_enable="NO"
    #IPF & IPNAT
    ipfilter_enable="YES"             # Start ipf firewall
    ipfilter_rules="/etc/ipf.rules"   # loads rules definition text file
    #ipfilter_rules="/etc/ipfopen.rules"
    ipmon_enable="YES"                # Start IP monitor log
    ipmon_flags="-D /var/log/ipf.log" # D = start as daemon, s = log to syslo
    ipnat_enable="NO"                 # Start ipnat function
    ipnat_rules="/etc/ipnat.rules"    # rules definition file for ipnat
    webmin_ipfilter_enable="YES"

Also, I have the following settings in the ipf module:

    Display conditions?                            Yes No
    Display comments?                              Yes No
    Update cluster servers                         Whenever a change is made
                                                   When applying the configuration
    Send NAT configuration to clusters too?        Yes No

    System configuration
    IPfilter firewall configuration file to edit
    IPfilter NAT configuration file to edit
    Full path to ipf command
    Full path to ipfstat command
    Full path to ipnat command
    Command to apply configuration                 Just run ipf
    IPfilter bootup script name                    Automatic
    IPfilter SMF service name                      None

When I try to enable the firewall, I keep getting this screen over and over forever. Not sure, but I think it has something to do with NAT. However, I do not need NAT and would prefer to leave it off.

    No IPFilter firewall has been setup yet on your system. Webmin can set one up for you, to be stored in the file , with the initial settings based your selection of firewall type below..

    Allow all traffic
    Do network address translation on external interface:
    Block all incoming connections on external interface:
    Block all except SSH and IDENT on external interface:
    Block all except SSH, IDENT, ping and high ports on interface:
    Enable firewall at boot time?

--
Computer King & CaN Mail  -  Sales Service Hosting Backup
http://www.computerking.ca     http://www.canmail.org
NEW!!! Custom Service Packages
Secure IMAP Email - Automated Remote Backups - Photo Blogs - Online Accounting Packages
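
A diagnostic for the symptom described in the message above, added here as an example (it is not part of the original post and is not Webmin's code): it resolves the effective `ipfilter_*` values from an rc.conf-style file without sourcing it, checks that the named rules file is readable, and counts the rules actually active according to `ipfstat -io`. The function names, the `RUN_IPF_CHECK` switch and the `/etc/ipf.rules` fallback are assumptions of this example.

```shell
#!/bin/sh
# Added example (not from the original post). Reads an rc.conf-style file
# as text, without sourcing it, to see what rc will do with ipfilter at boot.

# rc_effective FILE VAR: value of the last uncommented VAR= line (the later
# assignment wins when rc.conf is read). Assumes no '#' inside the value.
rc_effective() {
    sed -n "s/^[[:space:]]*$2=//p" "$1" | tail -n 1 |
        sed -e 's/[[:space:]]*#.*$//' -e 's/^"\(.*\)"$/\1/'
}

# ipf_boot_check FILE: returns 0 only if ipfilter is enabled and the rules
# file it names is readable. /etc/ipf.rules as fallback is an assumed default.
ipf_boot_check() {
    status=0
    enable=$(rc_effective "$1" ipfilter_enable)
    rules=$(rc_effective "$1" ipfilter_rules)
    rules=${rules:-/etc/ipf.rules}
    case $enable in
        [Yy][Ee][Ss]|[Tt][Rr][Uu][Ee]|[Oo][Nn]|1) echo "ok: ipfilter_enable=$enable" ;;
        *) echo "FAIL: ipfilter_enable='$enable', rules are not loaded at boot"; status=1 ;;
    esac
    if [ -r "$rules" ]; then
        echo "ok: $rules is readable"
    else
        echo "FAIL: $rules is missing or unreadable"; status=1
    fi
    return $status
}

# ipf_loaded_count: counts active rules in `ipfstat -io` output on stdin.
# ipfstat prints "empty list for ipfilter(in)" / "(out)" when nothing is loaded.
ipf_loaded_count() {
    grep -c -v -e '^empty list' -e '^[[:space:]]*$' || true
}

# On the firewall host itself (guarded so the file is harmless elsewhere):
if [ "${RUN_IPF_CHECK:-0}" = 1 ] && command -v ipfstat >/dev/null 2>&1; then
    ipf_boot_check /etc/rc.conf
    echo "rules active in kernel: $(ipfstat -io | ipf_loaded_count)"
fi
```

A count of 0 right after boot, together with an "ok" from `ipf_boot_check`, points at the boot-time load step rather than at the rules file or the rc.conf values.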