Re: ipf stopped working on 5.3

Board: FB_security, posted 2005/10/27 22:34
In some mail from ray@redshift.com, sie said:
>
> At 01:12 PM 10/26/2005 -0400, John Fitzgerald wrote:
> | Another strange symptom is that if I ipf -D and then ipf -E -f
> | /etc/ipf.rules, my terminal (I'm remote) will freeze and I'll be forced to
> | power cycle the server, after which time it will come back up (with no rules
> | running). I'm assuming that after the ipf -E -f /etc/ipf.rules somehow the
> | firewall stops all traffic since apache won't respond to web requests
> | either.
> |
> | As a side note, I did put the sshd server listening on an obscure port so it
> | should take awhile for the bots to find it. The ipf.rules I left at 22 as a
> | testament to it not working. However this obviously isn't a permanent
> | solution as I should be able to get ipf working.
>
> after you make changes to ipf.rules, you should restart ipf like this:
>
> ipf -F a && ipf -f /etc/ipf.rules

many do it like this:

# test new rules for 30 seconds
ipf -If /etc/ipf.rules -s && sleep 30 && ipf -s

The '-I' tells ipf to load /etc/ipf.rules into the "inactive set"
of rules and "-s" says switch active set.

You can flush inactive rules too:
ipf -iFa

and dump them out:
ipfstat -Iio

(IPFilter pioneered this idea)

Darren
_______________________________________________
freebsd-security@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"
Article ID (AID): #13OELn00 (FB_security)
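The test-then-revert idiom from the reply above, extended into a confirm-or-rollback helper. This is an added example, not part of the original mail or of IPFilter; the names try_ipf_rules, IPF and CONFIRM_FILE and the path /var/run/ipf.confirm are assumptions, and it uses only the -I, -f, -F a and -s flags that appear in the thread.

```shell
#!/bin/sh
# Added example: keep new rules only if the operator proves the host is
# still reachable; otherwise swap the previous rule set back in.
IPF="${IPF:-ipf}"                                     # assumed: ipf binary on PATH
CONFIRM_FILE="${CONFIRM_FILE:-/var/run/ipf.confirm}"  # hypothetical marker file

try_ipf_rules() {
    rules="$1"
    window="${2:-30}"     # seconds to wait for confirmation

    [ -r "$rules" ] || { echo "cannot read $rules" >&2; return 2; }

    # Stage the candidate rules in the inactive set; live rules are untouched.
    rm -f "$CONFIRM_FILE"
    $IPF -I -Fa || return 2
    $IPF -I -f "$rules" || { echo "load failed, nothing swapped" >&2; return 2; }

    # Swap sets: the candidate becomes active, the old rules become inactive.
    $IPF -s || return 2

    # Poll for the marker file created from a fresh login.
    waited=0
    while [ "$waited" -lt "$window" ]; do
        if [ -e "$CONFIRM_FILE" ]; then
            rm -f "$CONFIRM_FILE"
            echo "confirmed, new rules stay active"
            return 0
        fi
        sleep 1
        waited=$((waited + 1))
    done

    # No confirmation: swap again so the previous rules are active.
    $IPF -s
    echo "no confirmation within ${window}s, rolled back" >&2
    return 1
}
```

Confirm from a new SSH session with touch /var/run/ipf.confirm, which shows the new rules admit fresh connections; start the helper under nohup so the rollback still runs if the first session hangs.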