Date: Mon, 1 Jul 1996 16:30:32 +0400 (MSD)
From: Alexander Kolbasov <akolb@stins.msk.su>
To: current@freefall.FreeBSD.ORG
Subject: Re: IPFW bugs?
Message-ID: <199607011230.QAA21491@piglet.stins.msk.su>
In-Reply-To: <199606281933.MAA23688@freefall.freebsd.org>
References: <199606281933.MAA23688@freefall.freebsd.org>

Nate wrote:
> That's the DNS line:
>
> # Allow NTP stuff through
> ipfw add pass all from any 123 to any via $1
> ipfw add pass all from any to any 123 via $1

This rule actually means that anyone with root privileges on his local host
can access any port on your local net. The rule

    ipfw add pass all from any 123 to any via $1

is thus equivalent to

    ipfw add pass all from any to any via $1

and in fact it makes the firewall absolutely open. You should not trust any
remote information, including port number!

- Sasha -
__
Alexander Kolbasov.
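
The point made in the message above, as an added example that is not part of the original e-mail or of ipfw itself: a small rule audit that flags pass rules whose only port constraint is the sender-chosen source port. It assumes a simplified subset of the quoted rule syntax; the helper names and the sample packets are constructed for illustration.

```python
import re

# Simplified subset of the ipfw syntax quoted in the message (an assumption of
# this example): only "any" addresses, at most one port per side, optional via.
RULE_RE = re.compile(
    r"ipfw add (?P<action>\w+) (?P<proto>\w+) from any(?: (?P<sport>\d+))?"
    r" to any(?: (?P<dport>\d+))?(?: via (?P<iface>\S+))?"
)

def parse_rule(line):
    m = RULE_RE.fullmatch(line.strip())
    if m is None:
        raise ValueError(f"unsupported rule: {line!r}")
    rule = m.groupdict()
    for key in ("sport", "dport"):
        rule[key] = int(rule[key]) if rule[key] else None
    return rule

def admits(rule, pkt):
    """True if a pass rule matches pkt = (proto, src_port, dst_port)."""
    proto, sport, dport = pkt
    return (rule["action"] == "pass" and rule["proto"] in ("all", proto)
            and rule["sport"] in (None, sport)
            and rule["dport"] in (None, dport))

def trusts_source_port_only(rule):
    """Pass rule whose only port constraint is the sender-chosen source port."""
    return (rule["action"] == "pass" and rule["sport"] is not None
            and rule["dport"] is None)

def audit(lines, packets):
    """Return (rule, sorted destination ports it admits) for each flagged rule."""
    findings = []
    for line in lines:
        rule = parse_rule(line)
        if trusts_source_port_only(rule):
            ports = sorted({p[2] for p in packets if admits(rule, p)})
            findings.append((line, ports))
    return findings

RULES = [  # the two rules quoted in the message
    "ipfw add pass all from any 123 to any via $1",
    "ipfw add pass all from any to any 123 via $1",
]
PACKETS = [  # constructed inbound packets: (proto, src_port, dst_port)
    ("tcp", 123, 23), ("tcp", 123, 513), ("udp", 123, 123), ("tcp", 40000, 23),
]

if __name__ == "__main__":
    for line, ports in audit(RULES, PACKETS):
        print(f"{line!r} admits destination ports {ports}")
```

Only the first quoted rule is flagged: it accepts every destination port in the sample set as long as the packet claims source port 123, while the second rule stays limited to destination port 123.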