Date:      Wed, 05 Apr 2006 21:50:19 -0500
From:      Dennis Olvany <dennisolvany@gmail.com>
To:        "Anthony M. Agelastos" <iqgrande@gmail.com>
Cc:        freebsd-questions@freebsd.org
Subject:   Re: ipfw and ssh
Message-ID:  <443481EB.8070106@gmail.com>
In-Reply-To: <7DF2083F-A039-495E-8FAC-E6C9D8AA6391@gmail.com>
References:  <7DF2083F-A039-495E-8FAC-E6C9D8AA6391@gmail.com>

>         # Allow person SSH access
>         mip="xxx.xxx.xxx.xxx"
>         ${fwcmd} allow tcp from any to any 22 out setup keep-state

I see two reasons that egress sshd traffic will not match the above 
rule. The destination port is incorrect and a syn/ack will not match.

>         ${fwcmd} add pass tcp from ${mip} to me 22 setup limit src-addr 2
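Added example, not part of the original message and not ipfw's own code: a simplified Python model of the static match options used in the two quoted rules, run against constructed packets to show which options sshd's SYN/ACK reply fails. The addresses, ports and the names `Packet`, `Rule` and `mismatches` are assumptions made for illustration; dynamic (keep-state/limit) state is not modelled.

```python
from dataclasses import dataclass
from typing import Optional

SYN, ACK = 0x02, 0x10  # TCP flag bits

@dataclass
class Packet:
    direction: str  # "in" or "out" relative to the firewall host
    src: str
    sport: int
    dst: str
    dport: int
    flags: int

@dataclass
class Rule:
    src: str = "any"
    dst: str = "any"
    dport: Optional[int] = None
    direction: Optional[str] = None
    setup: bool = False  # ipfw "setup" is short for tcpflags syn,!ack

def mismatches(rule, pkt, me):
    """Return the names of the rule options that the packet fails to match."""
    def addr_ok(spec, addr):
        return spec == "any" or spec == addr or (spec == "me" and addr == me)
    failed = []
    if not addr_ok(rule.src, pkt.src):
        failed.append("src")
    if not addr_ok(rule.dst, pkt.dst):
        failed.append("dst")
    if rule.dport is not None and pkt.dport != rule.dport:
        failed.append("dst-port")
    if rule.direction is not None and pkt.direction != rule.direction:
        failed.append("direction")
    if rule.setup and not (pkt.flags & SYN and not pkt.flags & ACK):
        failed.append("setup")
    return failed

# Constructed sample values (documentation address ranges), not from the thread.
ME, MIP, REMOTE = "192.0.2.1", "198.51.100.7", "203.0.113.5"
RULE_OUT = Rule(dport=22, direction="out", setup=True)     # "... to any 22 out setup keep-state"
RULE_IN = Rule(src=MIP, dst="me", dport=22, setup=True)    # "... from ${mip} to me 22 setup limit ..."

syn_in = Packet("in", MIP, 50000, ME, 22, SYN)                 # client opens a session to sshd
synack_out = Packet("out", ME, 22, MIP, 50000, SYN | ACK)      # sshd's reply to that client
client_syn_out = Packet("out", ME, 50001, REMOTE, 22, SYN)     # this host's own ssh client

if __name__ == "__main__":
    print("sshd reply vs out rule:", mismatches(RULE_OUT, synack_out, ME))
    print("ssh client vs out rule:", mismatches(RULE_OUT, client_syn_out, ME))
    print("inbound SYN vs in rule:", mismatches(RULE_IN, syn_in, ME))
```

In this model the outbound rule matches only connections initiated from the host to a remote port 22, while the reply from the local sshd fails on both the destination port and the `setup` flag test.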


