[3691] in linux-net channel archive
Re: IP Firewall broken or misconfigured?
daemon@ATHENA.MIT.EDU (Jos Vos)
Sun Jul 14 19:48:04 1996
From: Jos Vos <jos@xos.nl>
To: mmclagan@invlogic.com (Mike McLagan)
Date: Sun, 14 Jul 1996 11:50:00 +0200 (MET DST)
Cc: linux-net@vger.rutgers.edu
In-Reply-To: <199607131834.OAA00361@invlogic.com> from "Mike McLagan" at Jul 13, 96 02:34:56 pm
> ipfwadm -F -a deny -P icmp -S topaz.kern.com -D 0.0.0.0 -o
> ipfwadm -F -a rej -P icmp -S topaz.kern.com -D 0.0.0.0 -o
>
> Both rules are listed in the output of "ipfwadm -F -l -x". My kernel is
> compiled with firewalling enabled, along with verbosity.
>
> In short, it hasn't stopped the attack at all! :(
>
> Have I got it misconfigured somehow?
Yes. 0.0.0.0 (== 0.0.0.0/255.255.255.255) will never match.
Use 0.0.0.0/0 instead.
--
-- Jos Vos <jos@xos.nl>
-- X/OS Experts in Open Systems BV | Phone: +31 20 6938364
-- Amsterdam, The Netherlands | Fax: +31 20 6948204
