Date: Mon, 19 Sep 2005 17:49:49 +0200 From: Erik Norgaard <norgaard@locolomo.org> To: jonas <jonas.de.buhr@gmx.net> Cc: freebsd-questions@freebsd.org Subject: Re: problem with IPF rules - port 80 not accessible Message-ID: <432EDE1D.2050107@locolomo.org> In-Reply-To: <20050919172642.45408cf9@localhost> References: <20050919172642.45408cf9@localhost>
next in thread | previous in thread | raw e-mail | index | archive | help
jonas wrote: > the httpd is not accessible from the internet and i don't understant > why, i probably made some stupid mistake in the firewall rules... this > is the first time i'm setting up a firewall from scratch. Do you at all have access? > (any errors in it? outbound internet acces works fine) I shall try to disect your ruleset: > @1 pass in log quick on ng0 proto tcp from any to 128.176.0.0/16 port = 80 > @2 pass in log quick on ng0 proto tcp from any to 192.168.0.1/32 port = 443 > @3 pass in log quick on ng0 proto tcp from any to 192.168.0.1/32 port = 22 > @4 pass in log quick on ng0 proto udp from any to 192.168.0.1/32 port = 22 Do you see anything strange in the first rule compared to the following three? You said ssh worked right? > where rl0 is the LAN interface, rl1 is connected to a DSL-modem, ng0 is > the tunnel interface mpd creates, 192.168.0.1 is the IP of my > freebsd gateway and 172.16.0.1 is the IP of the PPTP-server (a cisco > device i think). You should make an ascii sketch, it's far easier to understand which iterface is connected to what and where traffic goes. Cheers, Erik -- Ph: +34.666334818 web: www.locolomo.org S/MIME Certificate: www.daemonsecurity.com/ca/8D03551FFCE04F06.crt Subject ID: 9E:AA:18:E6:94:7A:91:44:0A:E4:DD:87:73:7F:4E:82:E7:08:9C:72 Fingerprint: 5B:D5:1E:3E:47:E7:EC:1C:4C:C8:3A:19:CC:AE:14:F5:DF:18:0F:B9
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?432EDE1D.2050107>