I am using ipfw nat with the following config
ipfw -q nat 1 config if em0
Which TCP and UDP ranges will the NAT choose its alias ports from?
To protect my website on a shared hosting plan, I added this to my .htaccess file:
<Limit GET HEAD POST>
order deny,allow
deny from .ru
deny from .cn
deny from .in
deny from .de
deny from .cz
deny from .kp
deny from .kr
deny from .ng
deny from .pk
# other allows go here -- below is just a sample
allow from 10.10.10.
</Limit>
I ran like that for an entire year without issue.
I have the following ipfw settings on my Mac OS X 10.4 Tiger:
00100 allow ip from any to 123.123.123.123
00110 allow tcp from any to 123.123.123.123
00120 allow udp from any to 123.123.123.123
00130 allow ip from 123.123.123.123 to any
00140 allow tcp from 123.123.123.123 to any
00150 allow udp from 123.123.123.123 to any
65534 deny ip from any to any
65535 allow ip from any to any
I am trying
Hi all,
I am working on a shell script that blocks all incoming and outgoing connections
for 10 hours. After ten hours everything will be unblocked again.
I am using the ipfw command and put it to sleep for the amount of time in seconds.
Code:
ipfw -q flush
ipfw -f add deny tcp from any to any any keep-state setup
sleep 36000
ipfw -q flush
This works so far, so good.
I prefer ufw to iptables for configuring my software firewall. After reading about this vulnerability also on askubuntu, I decided to block the fixed IP of the control server: 212.7.208.65.
Edit
I had thought that an excessive number of "deny" lines was confusing Apache into blocking unlisted IPv4 addresses. But a comment from @Ladadadada made me pinpoint the exact issue. You can read my old question below.
I have a strange problem with ipfw on FreeBSD 8.2. The problem is that when I try to flush ipfw with the following command:
/sbin/ipfw -q -f flush
or
/sbin/ipfw flush and then y
My dedicated server freezes, and the ISP needs to hard reboot it.
Could anyone help me?
This should be an easy one, but I am seeing conflicting information from Google, and would like some clarification. I am trying to block access to a site to all but 1 IP address.
I am adding Allow, Deny and Order directives to the sites-enabled directory. Which of the following is correct?
Order allow, deny
Allow From <ip>
or
Order deny, allow
Deny From all
Allow From <ip>
I've been using denyhosts for a while and I noticed my /etc/hosts.deny is getting rather large. Denyhosts adds IPs to /etc/hosts.deny, and my denyhosts is configured to never purge IPs.
$ wc -l /etc/hosts.deny
22149 /etc/hosts.deny
Might this become a problem? I don't really understand how libwrap works.