This is my FreeBSD 7.2:
[code]
FreeBSD fbsd.test.com 7.2-RELEASE FreeBSD 7.2-RELEASE #0: Mon Aug 3 06:40:56 UTC 2009 root@vfbsd.shstorm.com:/usr/src/sys/amd64/compile/kernel_IPF amd64
[/code]
In kernel_IPF, I added these lines:
[code]
options IPFILTER
options IPFILTER_LOG
[/code]
Add these lines in /etc/rc.conf:
[code]
ipfilter_enable="YES"
ipfilter_program="/sbin/ipf"
ipfilter_rules="/etc/ipf.rules"
ipfilter_flags="-D"
ipmon_enable="YES"
ipmon_flags="-D /var/log/ipfilter.log"
[/code]
This is /etc/ipf.rules:
[code]
pass out quick on lo0 all
pass in quick on lo0 all
block in on re0 all
block out on re0 all
block in log quick all with short
block in log quick all with ipopts
block in log quick all with frag
block in log quick all with opt lsrr
block in log quick all with opt ssrr
pass in on re0 proto tcp from any to any port = 80 flags S/SA keep state
pass in on re0 proto tcp from any to any port = 22 flags S/SA keep state
pass in on re0 proto tcp from any to any port = ftp flags S/SA keep state
pass in on re0 proto tcp from any to any port = ftp-data flags S/SA keep state
pass in on re0 proto tcp from any to any port 30000 >< 50001 flags S/SA keep state
[/code]
When the system starts, it shows some error messages:
[code]
......
Enabling ipfilter
ioctl (SIOCIPFL6): input/output error.
......
[/code]
Who can help me?