Therefore, any packets that match rule 1 in your example will never be tested
against rules 2 & 3, as you have already allowed them to pass.
If you remove the "quick" keyword from rule 1, then packets that match rule 1
will still be tested against rules 2 & 3.
Peter.
pdebono at chello point nl
Quote:
>rule groups work with ipf
>but this I don't understand. If I have this:
>1: pass in log quick on ne3 from any to any head 20 (numbers are for reference)
>2: pass in quick on ne3 proto tcp/udp from 24.88.1.66 to any port = 53 group 20
>3: pass in quick on ne3 proto tcp/udp from 24.88.1.67 to any port = 53 group 20
>does rule #1 nullify rules 2 and 3 and everything gets passed or what? This
>I don't understand. This is not my complete ipf.rules file, have no worries. I
>just think that rule #1 is bypassing rules #2,3. Should I take out quick or
>what? Any help will be greatly appreciated, thanks.....
>David
1. ipf errors reading ipf.rules
I compiled ipf 3.4.28 on my OpenBSD 3.0 ultra-sparc5 box, even with kernel
support, and restarted the box.
I created an /etc/ipf.rules file and tried to load my rules,
but I got a lot of errors.
open device: No such file or directory
ioctl(SIOCIPFFL): Bad file descriptor
open device: No such file or directory
ioctl(SIOCIPFFL): Bad file descriptor
open device: No such file or directory
[pass in quick on lo0 all]
pass in quick on lo0(!) from any to any
9:ioctl(add/insert rule): Bad file descriptor
[block in quick all with ipopts]
block in quick from any to any with ipopt
17:ioctl(add/insert rule): Bad file descriptor
[block in quick all with short]
block in quick from any to any with short
25:ioctl(add/insert rule): Bad file descriptor
[block in quick all with frag]
block in quick from any to any with frag
33:ioctl(add/insert rule): Bad file descriptor
[block in quick proto tcp all flags FUP]
block in quick proto tcp from any to any flags FPU/FSRPAUC
40:ioctl(add/insert rule): Bad file descriptor
[block in quick on ep0 from 192.168.0.0/16 to any]
block in quick on ep0(!) from 192.168.0.0/16 to any
47:ioctl(add/insert rule): Bad file descriptor
[block in quick on ep0 from 172.16.0.0/12 to any]
block in quick on ep0(!) from 172.16.0.0/12 to any
48:ioctl(add/insert rule): Bad file descriptor
[block in quick on ep0 from 127.0.0.0/8 to any]
block in quick on ep0(!) from 127.0.0.0/8 to any
49:ioctl(add/insert rule): Bad file descriptor
[block in quick on ep0 from 10.0.0.0/8 to any]
block in quick on ep0(!) from 10.0.0.0/8 to any
50:ioctl(add/insert rule): Bad file descriptor
[pass in quick on ep0 proto tcp/udp from any port = 22 to any port = 22 keep state ]
pass in quick on ep0(!) proto tcp/udp from any port = ssh to any port = ssh keep state
56:ioctl(add/insert rule): Bad file descriptor
[block in quick all]
block in quick from any to any
67:ioctl(add/insert rule): Bad file descriptor
open device: No such file or directory
SIOCFRENB: Bad file descriptor
I think my /etc/ipf.rules file is correct, because the same ipf rule file
runs on a FreeBSD box. I just adjusted the device names and IPs.
Do you have an idea what could be wrong here?
Thanks in advance,
pat