
List:       freebsd-security
Subject:    Re: ipf stopped working on 5.3
From:       Darren Reed <avalon@caligula.anu.edu.au>
Date:       2005-10-27 14:30:56
Message-ID: 200510271430.j9REUuYG011625@caligula.anu.edu.au

In some mail from ray@redshift.com, sie said:
> 
> At 01:12 PM 10/26/2005 -0400, John Fitzgerald wrote:
> | Another strange symptom is that if I ipf -D and then ipf -E -f
> | /etc/ipf.rules, my terminal (I'm remote) will freeze and I'll be forced to
> | power cycle the server, after which time it will come back up (with no rules
> | running). I'm assuming that after the ipf -E -f /etc/ipf.rules somehow the
> | firewall stops all traffic since apache won't respond to web requests
> | either.
> | 
> | As a side note, I did put the sshd server listening on an obscure port so it
> | should take a while for the bots to find it. The ipf.rules I left at 22 as a
> | testament to it not working. However this obviously isn't a permanent
> | solution as I should be able to get ipf working.
> 
> after you make changes to ipf.rules, you should restart ipf like this:
> 
> ipf -F a && ipf -f /etc/ipf.rules

many do it like this:

# test new rules for 30 seconds
ipf -If /etc/ipf.rules -s && sleep 30 && ipf -s

The '-I' tells ipf to load /etc/ipf.rules into the "inactive set"
of rules and "-s" says switch active set.

You can flush inactive rules too:
ipf -iFa

and dump them out:
ipfstat -Iio

(IPFilter pioneered this idea)

Darren
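The 30-second test above, written out as a script with an explicit confirmation step instead of a fixed sleep: the new rules go into the inactive set, the sets are swapped, and unless the operator touches a confirmation file within the grace window the sets are swapped back, so a rule that locks you out undoes itself. This is an added example, not code from the original post or from IPFilter; the paths, the confirmation file and the GRACE window are assumptions of the example. The ipf flags used are the ones from the post plus -n (parse only, no kernel changes): -I (act on the inactive set), -F a (flush all), -f (load a rule file) and -s (swap sets).

```shell
#!/bin/sh
# Added example, not from the original post or from IPFilter: a dead-man's
# switch around the inactive-set swap.  Paths, the confirmation file and the
# GRACE window are this example's own assumptions.
IPF="${IPF:-/sbin/ipf}"
RULES="${RULES:-/etc/ipf.rules}"
CONFIRM="${CONFIRM:-/var/run/ipf.confirm}"   # operator touches this to keep the new rules
GRACE="${GRACE:-30}"                          # seconds before automatic rollback

# Parse only (ipf -n makes no changes to the kernel); a syntax error is
# caught before anything touches the active or inactive set.
check_syntax() {
    "$IPF" -n -f "$RULES" >/dev/null
}

# Flush the inactive set and load the new rules into it.  The active set is
# untouched, so a broken file cannot cost you the session.
load_inactive() {
    "$IPF" -I -F a && "$IPF" -I -f "$RULES"
}

# Swap active and inactive sets (the same call applies and rolls back).
swap_sets() {
    "$IPF" -s
}

# Returns 0 if the operator confirmed within GRACE seconds, 1 if the old rules
# were swapped back, 2 if the new rules never became active.
test_rules() {
    rm -f "$CONFIRM"
    check_syntax  || { echo "syntax error in $RULES; nothing changed" >&2; return 2; }
    load_inactive || { echo "load into inactive set failed; nothing changed" >&2; return 2; }
    swap_sets     || return 2
    echo "new rules active; touch $CONFIRM within ${GRACE}s to keep them" >&2
    i=0
    while [ "$i" -lt "$GRACE" ]; do
        if [ -e "$CONFIRM" ]; then
            rm -f "$CONFIRM"
            echo "confirmed; new rules stay active" >&2
            return 0
        fi
        sleep 1
        i=$((i + 1))
    done
    swap_sets
    echo "no confirmation; old rules restored" >&2
    return 1
}

# Only act when invoked as 'script.sh apply', so sourcing the file just
# defines the functions.
case "${1:-}" in
    apply) test_rules; exit $? ;;
esac
```

Run it as `sh ipf-test.sh apply` from the remote session, then from a second connection (or the same one, if it still works) `touch /var/run/ipf.confirm`; if the second connection never gets through, the script swaps the old set back by itself and no power cycle is needed. Note that `ipf -s` swaps whatever happens to be in the two sets, so after a rollback the rejected rules are still sitting in the inactive set (`ipfstat -Iio` shows them) until the next `ipf -I -F a`.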
_______________________________________________
freebsd-security@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"