Date: Fri, 30 Jul 1999 15:12:01 +1000 From: "Andrew Johns" <A_Johns@TurnAround.com.au> To: "paz" <paz@apriori.net> Cc: <freebsd-questions@FreeBSD.ORG> Subject: RE: ipchains in FreeBSD Message-ID: <001001beda4a$0e51ceb0$4001a8c0@tasajohns.turnaround.com.au> In-Reply-To: <Pine.BSF.4.10.9907292329540.11954-100000@gw.apriori.net>
next in thread | previous in thread | raw e-mail | index | archive | help
No problem - fire up: 'tcpdump -s 1600 -x -w tcp.output' and then use something like ethereal to analyse the output, so that you can identify where it is failing and thence, why it is so. Then you'll be able to add rules to allow those packets back and forth through your firewall - I'd imagine that they'd be something along the lines of: ipfw add <rule_number> allow tcp 3568 from any to <internal_ip> in ipfw add <rule_number+1> allow tcp 3569 from <internal_ip> to any out These rules assume that it's using tcp, if not sub in udp instead. You may also want to limit the <any> to a specified set of servers. HTH AJ > -----Original Message----- > From: paz [mailto:paz@apriori.net] > Sent: Friday, 30 July 1999 13:38 > To: Andrew Johns > Cc: freebsd-questions@FreeBSD.ORG > Subject: RE: ipchains in FreeBSD > > > > On Fri, 30 Jul 1999, Andrew Johns wrote: > > : > > : > I have a FreeBSD host on the internet full-time (apriori.net) with > : > appropriate firewall daemons running, but it fails to allow > : > some traffic > : > generated by other machines (admittedly Windows-based) on my > : [snip] > mode. Here was their reply: > > (included text) > =============================== > Date: 29 Apr 1999 12:33:42 -0700 > From: Support Inet <support@novalogic.com> > To: paz <paz@apriori.net> > Subject: Re: Delta Force black scree > > Delta Force will not connect properly through a proxy server, > due to the way proxy servers manage your ports. Delta Force > uses dynamic ports, but these are not in line with proxy > port routing. For those of you with firewalls, you can try > ports 0x0df0 and 0x0df1 (3568 and 3569). > > NovaLogic Tech. Support > =============================== > (end included text) > > cheers - > -- Philip. > > philip zimmermann paz@apriori.net > www.apriori.net ayer, ma usa > > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?001001beda4a$0e51ceb0$4001a8c0>