Date: Fri, 19 Feb 1999 08:53:26 -0600
From: Benjamin Gavin <gavinb@supranet.net>
To: Francois LAISSUS <fla@laissus.fr>
Cc: freebsd-stable@freebsd.org
Subject: Re:Problems with ipfw/nat
Message-ID: <4.1.19990219084638.03665870@mail.supranet.net>
In-Reply-To: <19990219102254.B28285@laissus.fr>

Hi all,

After much messing around, I am still unable to get this stuff to work. I just wanted to clear up one thing before I continue. In /etc/rc.conf you can specify a filename where your local firewall rules are located (i.e. firewall_type="/etc/rc.firewall.local"). If you do it this way, ipfw will be called like "ipfw /etc/rc.firewall.local". This will run through the file and perform whatever commands you have listed there. I do it this way so as I don't have to directly modify /etc/rc.firewall. I believe this is a perfectly standard way to do it. Please correct me if I am wrong.

Anyway, onto my real problem. I have been able to set up the firewall to allow access to internal POP3 and SMTP servers, but am still unable to get an answer from internal HTTP servers. Just going in and changing the relevant rules (i.e. changing port 25 to port 80) just doesn't work. Is there something intrinsically different about the HTTP protocol that does not allow it to function correctly from the inside of a firewall?? Is it trying to reply on a different port or something? I mean that I can't even telnet through on port 80 and get a prompt. It just hangs there. However, like I said, I can get through to SMTP and POP3 servers fine, _USING THE SAME MACHINE AND FIREWALL_!!! Needless to say, I am mucho confused...

Please, does anyone out there have any ideas at all???

Thanks,
Ben

At 10:22 AM 2/19/99 +0100, Francois LAISSUS wrote:
>Hi,
>I'm trying to understand your question from your configuration :
>
>>_rc.conf.site_:
>>gateway_enable="YES"
>>firewall_enable="YES"
>>firewall_type="/etc/rc.firewall.local" # Contains my local firewall rules
>                ^^^^^^^^^^^^^^^^^^^^^^
>It seems to me that here you should write the *name* of type
>of rules finds in /etc/rc.firewall, not the file name.
>It runs fine for me under 2.2.xx
>
>Hope that helps
>
>F.Laissus
>
>--
>____ Francois Laissus <Francois.Laissus@laissus.fr> _________________________
>____ Cabinet d'Etudes Informatiques - Paris - France ____________________
>____ Tel 33 (0)1.43.31.54.75 - Fax 33 (0)1.43.31.54.85 _______________

/--------------------------------------------------------------------------/
Benjamin Gavin - Senior Consultant
*********** NO SPAM!! ************

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-stable" in the body of the message