IPFW Problems
Paul Schmehl
pauls at utdallas.edu
Tue Apr 18 00:12:20 UTC 2006
--On April 17, 2006 2:29:23 PM -0700 Noah Silverman <noah at allresearch.com>
wrote:
>
> I have a system with a 4.11 Kernel. Unless I'm doing something very
> wrong, there seems to be something odd with ipfw.
>
> Take the following rules:
>
> ipfw add 00280 allow tcp from any to any 22 out via bge0 setup keep- state
> ipfw add 00299 deny log all from any to any out via bge0
> ipfw add 0430 allow log tcp from any to me 22 in via bge0 setup limit
> src-addr 2
> ipfw add 00499 deny log all from any to any in via bge0
>
> In theory, this should allow in SSH and nothing else.
>
> When I install this firewall configuration, I'm locked out of the box.
> An inspection of the logs shows that rule 499 is being triggered by an
> attempted incoming connection.
>
What does "ipfw show" reveal regarding connection stats?
If you're at the console, can you ssh out to some other box?
Paul Schmehl (pauls at utdallas.edu)
Adjunct Information Security Officer
University of Texas at Dallas
AVIEN Founding Member
http://www.utdallas.edu/
More information about the freebsd-questions
mailing list