Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: How to create IP table at Free BSD
Operating Systems BSD How to create IP table at Free BSD Post 302220425 by togr on Thursday 31st of July 2008 05:02:23 PM
Old 07-31-2008
nmap will do the job but telnet shuld be sufficient to test whether ports are open. try netstat -an | grep 110 and grep 25 to see if anything has bound to these ports at all.

On freebsd there is no iptables.
Firewalls on freebsd are either ipf or pf.

as far as I recall ipf -ihn will show you active ruleset on incoming direction (i) with hits per rule (h) and number next to each rule (n). ipf -ohn will show you similar but in output direction. You may find that strange at the first glance but in ipf last match wins. That is decision to dropp/pass a packet is done based on last match, not first match in a rulest - opposite to linux/cisco behaviour. It's just a different approach you'll have to get used to, it's not wrong at all.

Tell us what you see when doing netstat and telnet to mentioned ports, then we'll guide you through the rest. It won't be difficult.
ipf's syntax is so simple and straighforward that I falled in love since I saw it. PF is very similar (in syntax).

regards.
 

10 More Discussions You Might Find Interesting

1. UNIX for Dummies Questions & Answers

Red hat or free BSD?

This is my first post here, so I thought Id make it good. I am building a webserver that will be up in a month or so, so I am starting now. I was wondering, since I am on the fence here, should I go with Red hat or BSD? I am comfortable with both, I can run apache on either one, but I am wondering... (4 Replies)
Discussion started by: advok8
4 Replies

2. UNIX for Dummies Questions & Answers

Free Bsd

i am installing FREEBSD and I would like to know which hardware specific network card that works and help with this would be great I am very new to this (UNIX) (1 Reply)
Discussion started by: BSD_NEWUSER
1 Replies

3. UNIX for Dummies Questions & Answers

Free BSD Display Properties?

I'm very new to UNIX and just istalled FreeBSD on my computer. I using the KDE desktop and the resolution is horrible. How do I adjust this. (3 Replies)
Discussion started by: mbrouder
3 Replies

4. UNIX for Dummies Questions & Answers

Free BSD 5.1 & default gateway

Hello folks, I'm very new to Unix so please bear with me. I have a FreeBSD 5.1 box on IP address 192.168.1.4 and I want to tell it to use my broadband router (192.168.1.1) as it's default gateway. Could someone tell me how to do this? I did search these forums first but could not find... (1 Reply)
Discussion started by: SRP
1 Replies

5. BSD

X-Windows Free BSD

so, i have a video card SIS s315 AGP and i can't cofigure X Free on free BSD to run X window. Anybody can help me solve this problem?? (2 Replies)
Discussion started by: Dmitri-br
2 Replies

6. BSD

Free BSD X window

Can anyone help me ? I have installed Free BSD several times and I can't get the X window to work . I have installed the ports Gnome and others but for some reason when I type start x doesn't work. I downloaded the 3 i386 disks but I get to install the first one wich complete the setup and... (3 Replies)
Discussion started by: skyhawkfly
3 Replies

7. UNIX for Dummies Questions & Answers

Hardware for UNIX/Free BSD

Hi! I'm planning to start to set up a Webserver. All software has to be freeware. I'm also planning to use Free BSD/UNIX for this project. Apache as Webserversystem and so on... Therefor I would like to have some info about what kind of hardware I need. I'm planning to buy a computer... (9 Replies)
Discussion started by: kargooliw
9 Replies

8. BSD

installing free BSD

Hello friends. I am new to Unix although i am very flexible to any programming language. i was a window user. Now, no more. I have decided myself to switch to unix. Here is my problem: I burned the free BSD into my new RW CD's. I inserted the bootable manager first then, it was scanning and... (5 Replies)
Discussion started by: bonjour2006
5 Replies

9. UNIX and Linux Applications

create table via stored procedure (passing the table name to it)

hi there, I am trying to create a stored procedure that i can pass the table name to and it will create a table with that name. but for some reason it creates with what i have defined as the variable name . In the case of the example below it creates a table called 'tname' for example ... (6 Replies)
Discussion started by: rethink
6 Replies

10. BSD

USB mount of Free BSD

Hello all When I insert my USB , its says : umass0 detected . I want to ls files present in the USB. I tried mount -t msdosfs /dev/da0s1 /mnt Whats is dev/da0s1 ????? How can I mount it to use it ? Regards (3 Replies)
Discussion started by: Junaid Subhani
3 Replies

LEARN ABOUT V7

ipf

ipf(1M) 																   ipf(1M)

NAME

       ipf - alter packet filtering lists for IP packet input and output

SYNOPSIS

       ipf [-AdDEInoPrsvVyzZ] [-l  block | pass | nomatch] [-T optionlist] [-F	i | o | a | s | S] -f filename [-f  filename...]

       The ipf utility opens the filenames listed (treating a hyphen (-) as stdin) and parses the file for a set of rules which are to be added or
       removed from the packet filter rule set.

       If there are no parsing problems, each rule processed by ipf is added to the kernel's internal lists. Rules are added to  the  end  of  the
       internal lists, matching the order in which they appear when given to ipf.

       ipf's use is restricted through access to /dev/ipauth, /dev/ipl, and /dev/ipstate. The default permissions of these files require ipf to be
       run as root for all operations.

       The following options are supported:

       -A

	   Set the list to make changes to the active list (default).

       -d

	   Turn debug mode on. Causes a hex dump of filter rules to be generated as it processes each one.

       -D

	   Disable the filter (if enabled). Not effective for loadable kernel versions.

       -E

	   Enable the filter (if disabled). Not effective for loadable kernel versions.

       -F i | o | a

	   Specifies which filter list to flush. The parameter should either be i (input), o (output) or a (remove all filter  rules).	 Either  a
	   single  letter  or  an entire word starting with the appropriate letter can be used. This option can be before or after any other, with
	   the order on the command line determining that used to execute options.

       -F s | S

	   To flush entries from the state table, use the -F option in conjuction with either s (removes state	information  about  any  non-fully
	   established connections) or S (deletes the entire state table). You can specify only one of these two options. A fully established con-
	   nection will show up in ipfstat -s output as 4/4, with deviations either way indicating the connection is not fully established.

       -f filename

	   Specifies which files ipf should use to get input from for modifying the packet filter rule lists.

       -I

	   Set the list to make changes to the inactive list.

       -l pass | block | nomatch

	   Toggles default logging of packets. Valid arguments to this option are pass, block and nomatch. When an option is set, any packet which
	   exits filtering and matches the set category is logged. This is most useful for causing all packets that do not match any of the loaded
	   rules to be logged.

       -n

	   Prevents ipf from making any ioctl calls or doing anything which would alter the currently running kernel.

       -o

	   Force rules by default to be added/deleted to/from the output list, rather than the (default) input list.

       -P

	   Add rules as temporary entries in the authentication rule table.

       -r

	   Remove matching filter rules rather than add them to the internal lists.

       -s

	   Swap the currently active filter list to be an alternative list.

       -T optionlist

	   Allows run-time changing of IPFilter kernel variables. To allow for changing, some variables require IPFilter to be in a disabled state
	   (-D), others do not. The optionlist parameter is a comma-separated list of tuning commands. A tuning command is one of the following:

	   list

	       Retrieve a list of all variables in the kernel, their maximum, minimum, and current value.

	   single variable name

	       Retrieve its current value.

	   variable name with a following assignment

	       To set a new value.

	   Examples follow:

	   # Print out all IPFilter kernel tunable parameters
	   ipf -T list

	   # Display the current TCP idle timeout and then set it to 3600
	   ipf -D -T fr_tcpidletimeout,fr_tcpidletimeout=3600 -E

	   # Display current values for fr_pass and fr_chksrc, then set
	   # fr_chksrc to 1.
	   ipf -T fr_pass,fr_chksrc,fr_chksrc=1

       -v

	   Turn verbose mode on. Displays information relating to rule processing.

       -V

	   Show  version  information. This will display the version information compiled into the ipf binary and retrieve it from the kernel code
	   (if running or present). If it is present in the kernel, information about its current state will be displayed;  for  example,  whether
	   logging is active, default filtering, and so forth).

       -y

	   Manually resync the in-kernel interface list maintained by IP Filter with the current interface status list.

       -z

	   For each rule in the input file, reset the statistics for it to zero and display the statistics prior to them being zeroed.

       -Z

	   Zero global statistics held in the kernel for filtering only. This does not affect fragment or state statistics.

       /dev/ipauth
       /dev/ipl
       /dev/ipstate

	   Links to IP Filter pseudo devices.

       /etc/ipf/ipf.conf

	   Location of ipf startup configuration file.

       /usr/share/ipfilter/examples/

	   Contains numerous IP Filter examples.

       See attributes(5) for descriptions of the following attributes:

       +-----------------------------+-----------------------------+
       |      ATTRIBUTE TYPE	     |	    ATTRIBUTE VALUE	   |
       +-----------------------------+-----------------------------+
       |Availability		     |SUNWipfu			   |
       +-----------------------------+-----------------------------+
       |Interface Stability	     |Evolving			   |
       +-----------------------------+-----------------------------+

       ipfstat(1M), ipmon(1M), ipnat(1M), ipf(4), attributes(5)

       Needs to be run as root for the packet filtering lists to actually be affected inside the kernel.

       To  view license terms, attribution, and copyright for IP Filter, the default path is /usr/lib/ipf/IPFILTER.LICENCE. If the Solaris operat-
       ing environment has been installed anywhere other than the default, modify the given path to access the file at the installed location.

								    25 Jul 2005 							   ipf(1M)
All times are GMT -4. The time now is 09:38 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy