From: "Adam Egan"
To: freebsd-ipfw@freebsd.org
Date: Sun, 30 Jul 2006 19:01:58 +0100
Subject: Re: ipfw and natd routing problems

Hi Peter,

In your previous email you said:

> BE AWARE YOUR 'FIREWALL' IS COMPLETELY OPEN FOR ANY CONNECTION FROM
> INSIDE AND EVEN OUTSIDE!!!

I was wondering if it was possible to not have my firewall open in such a way? I want only connections to port 80 and 6600-6625 (from where does not matter), all other ports are to be closed unless opened by natd dynamically (i.e. irc, ftp, etc).

Thank you to everybody who has helped so far, it is appreciated!

Adam