IPFW Problems

Noah Silverman noah at allresearch.com
Tue Apr 18 00:20:25 UTC 2006


Hi,

I'm doing this over an SSH connection, so I can't see the console.

If I do it wrong, I get locked out and have to initiate a remote reboot.  Fun!

Thanks!

-N


On Apr 17, 2006, at 5:10 PM, Paul Schmehl wrote:

> --On April 17, 2006 2:29:23 PM -0700 Noah Silverman  
> <noah at allresearch.com> wrote:
>>
>> I have a system with a 4.11 Kernel.  Unless I'm doing something very
>> wrong, there seems to be something odd with ipfw.
>>
>> Take the following rules:
>>
>> ipfw add 00280 allow tcp from any to any 22 out via bge0 setup keep-state
>> ipfw add 00299 deny log all from any to any out via bge0
>> ipfw add 0430 allow log tcp from any to me 22 in via bge0 setup limit src-addr 2
>> ipfw add 00499 deny log all from any to any in via bge0
>>
>> In theory, this should allow in SSH and nothing else.
>>
>> When I install this firewall configuration, I'm locked out of the box.
>> An inspection of the logs shows that rule 499 is being triggered by an
>> attempted incoming connection.
>>
> What does "ipfw show" reveal regarding connection stats?
>
> If you're at the console, can you ssh out to some other box?
>
> Paul Schmehl (pauls at utdallas.edu)
> Adjunct Information Security Officer
> University of Texas at Dallas
> AVIEN Founding Member
> http://www.utdallas.edu/
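Added example, not from the thread or from FreeBSD itself: a small sh wrapper that loads the ruleset quoted above over SSH with a rollback timer, so a ruleset that locks the session out undoes itself instead of needing a remote reboot. The rules file path, the timeout, the fallback rule numbers (00100, 65000) and the explicit check-state line are assumptions; the other rules and the bge0 interface are the thread's.

```sh
#!/bin/sh
# Added example, not from the thread: load an ipfw ruleset over SSH with a
# rollback timer, so a bad ruleset undoes itself instead of requiring a remote
# reboot.  RULES_FILE, ROLLBACK_SECS and the fallback rule numbers are assumptions.
RULES_FILE=${RULES_FILE:-/etc/ipfw.rules}
ROLLBACK_SECS=${ROLLBACK_SECS:-120}
IPFW=${IPFW:-ipfw}

# Write the thread's rules in ipfw(8) command-file form (no "ipfw" prefix),
# with an explicit check-state ahead of the deny rules so the dynamic entries
# created by keep-state/limit are consulted there.  Prints the rule count.
write_ruleset() {
  cat > "$1" <<'EOF'
add 00100 check-state
add 00280 allow tcp from any to any 22 out via bge0 setup keep-state
add 00299 deny log all from any to any out via bge0
add 00430 allow log tcp from any to me 22 in via bge0 setup limit src-addr 2
add 00499 deny log all from any to any in via bge0
EOF
  grep -c '^add ' "$1"
}

# Arm the timer first, then load the rules.  If the load locks us out, the
# timer flushes the ruleset and opens the firewall after ROLLBACK_SECS.
# Prints the timer PID so the caller can cancel it from a fresh session.
apply_with_rollback() {
  rules=$1
  (
    trap '' HUP                       # survive the SSH session dropping
    sleep "$ROLLBACK_SECS"
    "$IPFW" -q flush                  # -q implies -f: no confirmation prompt
    "$IPFW" -q add 65000 allow ip from any to any
  ) >/dev/null 2>&1 &
  timer=$!
  "$IPFW" -q flush
  "$IPFW" -q "$rules"                 # ipfw <pathname> reads one command per line
  echo "$timer"
}

# Call from a second SSH login that succeeded under the new rules.
cancel_rollback() {
  kill "$1" 2>/dev/null && echo "ruleset kept"
}

# Usage (in the existing session):
#   write_ruleset "$RULES_FILE"
#   TIMER=$(apply_with_rollback "$RULES_FILE")
# Then log in again within ROLLBACK_SECS and run: cancel_rollback "$TIMER"
```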



More information about the freebsd-questions mailing list