# [IPFW] Trouble with IPFW.



## djmentos (Aug 12, 2013)

Hello!

I try to enable IPFW, but after it I haven't access to my server. IPFW is cutting everyone.

/var/log/messages

```
Aug 8 09:13:28 bsd kernel: ipfw2 (+ipv6) initialized, divert loadable, nat loadable, rule-based forwarding disabled, default to deny, logging disabled
```

rc.conf

```
firewall_enable="YES"
firewall_logging="YES"
firewall_type="UNKNOWN"
firewall_type="/etc/firewall.rules"
```

/etc/firewall.rules:

```
# Flush out the list before we begin.
ipfw -q -f flush

#allow all
ipfw add 100 allow ip from any to any via em0
```
What am I doing wrong?


----------



## SirDice (Aug 12, 2013)

djmentos said:
			
		

> rc.conf
> 
> ```
> firewall_type="UNKNOWN"
> ...


Both refer to the same variable. You probably meant:

```
firewall_script="/etc/firewall.rules"
```


----------



## Serge1978 (Aug 13, 2013)

What about the other interfaces? Or you have only one on the server? Try something like this instead, if you have two or more interfaces:

```
ipfw add 100 allow ip from any to any
```


----------



## djmentos (Aug 14, 2013)

Oh, it was the solution - first post.

But @Serge1978, you are right. I have two interfaces, good point, thanks.


----------



## djmentos (Aug 22, 2013)

I have another question. When I am adding a rule to the configuration, all works fine.

But when I try to add this using the shell, ipfw doesn't ban the user. I tried both:

```
# ipfw add deny ip from 112.90.X.X to any
# ipfw -q add deny ip from 112.90.X.X to any
```


----------



## Serge1978 (Aug 23, 2013)

You probably forgot rule number?


----------

