[IPFW] Trouble with IPFW.

djmentos · Aug 12, 2013

Hello!

I try to enable IPFW, but after it I haven't access to my server. IPFW is cutting everyone.

/var/log/messages

Code:

Aug 8 09:13:28 bsd kernel: ipfw2 (+ipv6) initialized, divert loadable, nat loadable, rule-based forwarding disabled, default to deny, logging disabled

rc.conf

Code:

firewall_enable="YES"
firewall_logging="YES"
firewall_type="UNKNOWN"
firewall_type="/etc/firewall.rules"

/etc/firewall.rules:

Code:

# Flush out the list before we begin.
ipfw -q -f flush

#allow all
ipfw add 100 allow ip from any to any via em0

What am I doing wrong?

SirDice · Aug 12, 2013

djmentos said:
rc.conf

Code:

firewall_type="UNKNOWN" firewall_type="/etc/firewall.rules"

Both refer to the same variable. You probably meant:

Code:

firewall_script="/etc/firewall.rules"

Serge1978 · Aug 13, 2013

What about the other interfaces? Or you have only one on the server? Try something like this instead, if you have two or more interfaces:

Code:

ipfw add 100 allow ip from any to any

djmentos · Aug 14, 2013

Oh, it was the solution - first post.

But @Serge1978, you are right. I have two interfaces, good point, thanks.

djmentos · Aug 22, 2013

I have another question. When I am adding a rule to the configuration, all works fine.

But when I try to add this using the shell, ipfw doesn't ban the user. I tried both:

Code:

# ipfw add deny ip from 112.90.X.X to any
# ipfw -q add deny ip from 112.90.X.X to any

Serge1978 · Aug 23, 2013

You probably forgot rule number?

[IPFW] Trouble with IPFW.

djmentos

SirDice

Administrator

Serge1978

djmentos

djmentos

Serge1978