i discovered what the problem was/is. I just want to post it here, because i think it is rather strange(and hopefully help other people who have the same problem). It did not only happen with vim, but with some other program's also(feh,nview). BTW i forgot to mention this, i use FreeBSD version 5.1
To find the problem i started with a new ruleset allowing everything on all devices. I then added the standard dangerous packages options(short, ipopts), and i noticed that NFS died when i added the "short" option.
I switched back to the original config and commented that one out, and it worked fine. I only have to guess where the short packages are coming from :S They shouldn't be there I think.(BTW i have a realtech nic so maybee...)
Sugestions are welcome,
Cheers
Vincent Vandalon wrote:
Hi all,
i've set up a firewall with ipfilter. Since i use the deny stance, i needed to jump trough some hoops to get NFS working.
I am currently just manually mapping the ports mountd is using. But it seems to work... for 99%
I am able to do with the mounted nfs disk what i want, i can create new files( 'touch newfile' and vi 'newfile2' and i can write content in the file with vi) i can delete, read.
But(...) when i use viM it will hangs it self. I can't manually kill it(exit-status doesn't matter, it won't die). And i don't get an error, so i have no clue what's wrong. My guess is that it is still busy, looped or something...
So i removed(==recompiled kernel) ipfilter and vim worked fine on the nfs mount. Recompiled my kernel again with ipfilter and vim hang itself again. So it is vim+ipfilter
I think it is still something with my configuration fo ipfilter, i have a basic rules set. I am still in the learning/finetuning phase, but i coulnd't find anything about this on google, onlamp, freebsddiary etc.
Can anybody point me in the right direction?
Regards Vincent
=================config file (sorry comments are in dutch, but still reable in english i guess)===============
#een regel om kleine packages te blokken block in log quick on rl0 from any to any with short
#Alle tcp blokken block in log proto tcp all flags S/SA
#webserver laten zien pass in quick proto tcp from any to any port = www keep state
#ssh door laten pass in quick proto tcp from any to any port = ssh keep state pass in quick proto udp from any to any port = ssh keep state
#pop door laten pass in quick proto tcp from any to any port = pop3 keep state
#imap doorlaten pass in quick proto tcp from any to any port = 143 keep state pass in quick proto udp from any to any port = 143 keep state
#smtp ook maar doolaten, in en uit pass in quick proto tcp from any to any port = 25 keep state pass out quick proto tcp from any to any port = 25 keep state
#nfs pass in quick proto tcp/udp from any to any port = 2049 keep state pass out quick proto tcp/udp from any to any port = 2049 keep state
pass in quick proto tcp/udp from any to any port = 111 keep state pass out quick proto tcp/udp from any to any port = 111 keep state
#hack voor mountd pass in quick proto tcp/udp from any to any port = 1021 keep state pass in quick proto tcp/udp from any to any port = 1023 keep state
#samba doorlaten pass in quick on rl0 proto udp from any to any port = 137 keep state
pass in quick on rl0 proto udp from any to any port = 138 keep state
pass in quick on rl0 proto tcp from any to any port = 139 keep state
#printer pass in quick on rl0 proto tcp/udp from any to any port = 515 keep state
#dns server pass out quick on rl0 proto tcp/udp from any to any port = 53 keep state
#eigen verbindingen toestaan pass out quick on rl0 proto tcp all keep state
_______________________________________________
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
_______________________________________________ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
