On Tue, May 28, 2002 at 02:39:03PM -0600, Jeff Jirsa wrote: > On Tue, 28 May 2002, Irwan Hadi wrote: > > > Dear All, > > > > compiled successfully. But why after I recompile the kernel for the > > second time, with > > options IPFIREWALL > > options IPFIREWALL_VERBOSE > > options IPFIREWALL_VERBOSE_LIMIT=10 according to > > http://www.freebsd.org/handbook/firewalls.html, the server can't be > > ping-ed anymore ? > > I did check the configuration using /usr/bin/config my-kernel, and it > > worked just fine, and there was no error in the make depend, and make > > stage. > > Does anyone has ever got the same problem ? May I know it A.S.A.P, > > because the server is a colocated one, and I need to give instructions > > to the person who is going to "fix" the server. > > > > Did you specify any of the firewall rules / configuration before > rebooting? The default deny rules will keep you from connecting to the > box until you set up new rules that will accept connections. You'll want > to check and modify the firewall_ lines in /etc/defaults/rc.conf .
No I didn't because I'm accustomed on Linux that the default policy is open, unless it is defined otherwise. > > The ipfw man page suggests being at the console when you enable the > firewall for this precise reason. > > The way to fix this problem is to log in at the console (or have someone > else do it for you) and add the following rule: > > ipfw add 100 allow ip from any to any > > > This will open up the firewall, and allow you to connect. You'll no doubt > want to delete that rule when you add your own custom rules. man ipfw(8) > will help you when you get around to doing that. Thanks for your info. I will ask the person who near with the server to issue that command from the console then. BTW how can I keep the firewall rules to be permanent on FreeBSD ? Put it on rc.firewall, or create another script that runs everytime the server gets rebooted ? Thanks To Unsubscribe: send mail to [EMAIL PROTECTED] with "unsubscribe freebsd-stable" in the body of the message
