
wipfw doesn't accept the conf file

2009-03-25
2013-05-01
  • jerry mysak

    jerry mysak - 2009-03-25

    Hi,
    I copied the files to C:\program files\WIPFW, and in this directory I made a conf with these rules in rc.fw

    #!/bin/sh
    #
    #

    cmd="./ipfw add"

    # First flush the firewall rules
    ./ipfw -q -f flush

    #Localhost rules
    $cmd 100 pass all from any to any via lo*

    # Prevent any traffic to 127.0.0.1, common in localhost spoofing
    $cmd 110 deny log all from any to 127.0.0.0/8 in
    $cmd 120 deny log all from 127.0.0.0/8 to any in

    $cmd 520 deny log all from me to 192.168.4 1500,5432
    $cmd check-state
    $cmd pass all from me to any out keep-state
    $cmd count log ip from any to any

    I installed the firewall, but when I list the rules, I see only some default settings

    C:\Documents and Settings\xxxxx>ipfw list
    00100 allow ip from any to any via lo*
    00110 deny log ip from any to 127.0.0.0/8 in
    00120 deny log ip from 127.0.0.0/8 to any in
    00220 check-state
    00320 allow ip from me to any keep-state out
    00420 count log ip from any to any
    65535 allow ip from any to any

    Why? When I tried deleting some rules from the conf and reloading it, the firewall accepted the changes. Only the new rules weren't accepted.
    Jerry

     
    • s2r

      s2r - 2009-03-25

      To load the rules you need to use the batch loadrules.cmd.

      Also reading your config file I see that you use sh scripting syntax.

      I don't know if Windows cmd will interpret that correctly.

       
  • Anonymous

    Anonymous - 2012-11-13

    I usually write rules like this in my C:\Windows\System32\ipfw.conf file:
    add 100 check-state
    add 101 allow tcp from any to me 80 keep-state setup
    add 200 allow tcp from me to any keep-state setup
    add 203 allow tcp from me 135-139 to any keep-state setup
    add 204 allow tcp from any to me 135-139 keep-state setup
    add 300 deny tcp from any to any
    add 400 check-state
    add 500 allow udp from me to any keep-state
    add 501 allow udp from any 135-139 to me
    add 600 deny udp from any to any
    add 700 allow 47 from any to any
    add 710 allow icmp from any to any

    and this works great for me.

    Regards,
    Rizwan.
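
Added example, not part of the original thread and not wipfw's own code: a small Python converter that turns an sh-style rc.fw like the one in the first post into the plain one-command-per-line format shown in the last post, so that no shell is needed to expand `$cmd`. The function name `sh_to_rulefile` is hypothetical, and it assumes only simple `name="value"` assignments and `$name` expansion; any other line is reported rather than guessed at.

```python
import re

# Constructed sample: a shortened copy of the sh-style rc.fw from the first post.
SAMPLE_RC_FW = """#!/bin/sh
cmd="./ipfw add"
# First flush the firewall rules
./ipfw -q -f flush
$cmd 100 pass all from any to any via lo*
$cmd 110 deny log all from any to 127.0.0.0/8 in
$cmd check-state
"""

ASSIGN = re.compile(r'^([A-Za-z_]\w*)=(["\']?)(.*)\2$')          # name="value"
VAR = re.compile(r'\$(?:\{(\w+)\}|(\w+))')                       # $name or ${name}
IPFW = re.compile(r'^(?:\S*[\\/])?ipfw(?:\.exe)?\s+', re.IGNORECASE)  # leading ipfw call


def sh_to_rulefile(text):
    """Return (rules, skipped).

    rules   -- ipfw commands without the leading program name
    skipped -- (line number, text) pairs that could not be converted
    """
    variables, rules, skipped = {}, [], []
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue  # blank line, comment or shebang
        m = ASSIGN.match(line)
        if m:
            variables[m.group(1)] = m.group(3)
            continue
        # Expand known variables; unknown ones are left in place.
        expanded = VAR.sub(
            lambda v: variables.get(v.group(1) or v.group(2), v.group(0)), line)
        if "$" in expanded or not IPFW.match(expanded):
            skipped.append((lineno, line))  # undefined variable or not an ipfw call
            continue
        rules.append(IPFW.sub("", expanded))
    return rules, skipped


if __name__ == "__main__":
    rules, skipped = sh_to_rulefile(SAMPLE_RC_FW)
    print("\n".join(rules))
    for lineno, line in skipped:
        print(f"# line {lineno} not converted: {line}")
```

Comparing the converted rule numbers with the output of `ipfw list` after loading shows which rules were not accepted.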

     
