[prev in list] [next in list] [prev in thread] [next in thread] 

List:       ipfilter
Subject:    Re: ipf40a25 state issues
From:       jeff.stelzner () esca ! com
Date:       2003-01-24 20:09:56
[Download RAW message or body]


Guido - Good point.
However this is immediately after reboot, and I made a point of having ipf
startup complete before any interfaces are congured/enabled in run level 3:

---[/sbin/rc3.d]---
S00.05ipf         <==
S00.20random
S00.24cdsa
S00.25ipsec
S00.50ip6host
S00cniffd
S00fnetrain
S00inet           <==
S01quota

where the ipf init.d script essentially does 'ipf -f /etc/ipf.conf' and
'ipmon -D /var/log/ipf.log'.

I would expect that this would also precede any application startup that
expects to make network connections.

If folks have a better way to do this I'm certainly open to suggestions.

-Jeff-



It seems the traffic from xxx.yy.6.248,1246 -> xxx.yy.96.82,80 is not in
the
state table. So probably you just switched you firewall on and it is
now blocking existing connections.

-Guido





[prev in list] [next in list] [prev in thread] [next in thread]