Date: Wed, 6 Dec 2000 12:30:15 -0600
From: "Darryl Hoar" <darryl@osborne-ind.com>
To: <freebsd-questions@freebsd.org>
Subject: ppp filters - question
Message-ID: <001901c05fb2$94b06720$0701a8c0@ruraltel.net>

I'm running:

FreeBSD proxy 4.0-RELEASE FreeBSD 4.0-RELEASE #0: Mon Mar 20 22:50:22 GMT 2000 root@monster.cdrom.com:/usr/src/sys/compile/GENERIC i386

In the tutorial in the online handbook for ppp, I am trying to understand
the example of the ppp filters. In addition, I have disabled inetd so
no ftp, telnet.... for security's sake.

In the example filters, it shows ftp packets in and out. Since ftp is not
running on my box, the network users can still ftp other hosts on the
internet?

Also, in the from/to local section, does this just allow nodes on my
private net to pass packets to the internet?

Sorry, but I'm a bit confused about services I've removed from my gateway,
and packets of the type (i.e., ftp is not an available service on my gateway
machine, but I want my network users to be able to ftp to machines on the
internet).

Thanks,
Darryl

#
# Allow telnet connection to the Internet
#
set filter in 1 permit tcp src eq 23 estab
set filter out 1 permit tcp dst eq 23
#
# Allow ftp access to the Internet
#
set filter in 2 permit tcp src eq 21 estab
set filter out 2 permit tcp dst eq 21
set filter in 3 permit tcp src eq 20 dst gt 1023
set filter out 3 permit tcp dst eq 20
set filter in 5 permit tcp src eq 53
set filter out 5 permit tcp dst eq 53
#
# Allow access from/to local network
#
set filter in 6 permit 0/0 192.168.1.0/24
set filter out 6 permit 192.168.1.0/24 0/0

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message
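
The rules quoted in the message match on packet headers crossing the ppp link, not on which daemons the gateway runs. The Python model below is an added example, not part of the original message or the handbook; it assumes rules are tried in ascending rule number with the first match deciding, and that a packet matching no rule in a non-empty set is dropped. NAT is not modeled, and `parse`, `matches`, `verdict` and the packet dictionary layout are hypothetical names.

```python
import ipaddress

# The filter rules quoted in the message above, verbatim.
RULES = """
set filter in 1 permit tcp src eq 23 estab
set filter out 1 permit tcp dst eq 23
set filter in 2 permit tcp src eq 21 estab
set filter out 2 permit tcp dst eq 21
set filter in 3 permit tcp src eq 20 dst gt 1023
set filter out 3 permit tcp dst eq 20
set filter in 5 permit tcp src eq 53
set filter out 5 permit tcp dst eq 53
set filter in 6 permit 0/0 192.168.1.0/24
set filter out 6 permit 192.168.1.0/24 0/0
"""
CMP = {"eq": lambda a, b: a == b, "gt": lambda a, b: a > b, "lt": lambda a, b: a < b}

def parse(text):  # handles only the rule shapes that appear above
    sets = {"in": [], "out": []}
    for line in text.strip().splitlines():
        _, _, direction, num, action, *tok = line.split()
        cond = {}
        if "/" in tok[0]:  # address form: <src net> <dst net>; 0/0 means any
            nets = [ipaddress.ip_network("0.0.0.0/0" if t == "0/0" else t) for t in tok[:2]]
            cond["src_net"], cond["dst_net"], tok = nets[0], nets[1], tok[2:]
        if tok:
            cond["proto"], tok = tok[0], tok[1:]
        if tok and tok[-1] == "estab":  # modeled as: TCP ACK flag is set
            cond["estab"], tok = True, tok[:-1]
        for i in range(0, len(tok), 3):  # "src|dst <cmp> <port>"
            cond[tok[i] + "_port"] = (CMP[tok[i + 1]], int(tok[i + 2]))
        sets[direction].append((int(num), action, cond))
    return {d: sorted(r, key=lambda rule: rule[0]) for d, r in sets.items()}

def matches(cond, pkt):
    for side in ("src", "dst"):
        net, port = cond.get(side + "_net"), cond.get(side + "_port")
        if net is not None and ipaddress.ip_address(pkt[side]) not in net:
            return False
        if port and not port[0](pkt[side[0] + "port"], port[1]):
            return False
    ok_proto = cond.get("proto", pkt["proto"]) == pkt["proto"]
    return ok_proto and (pkt["ack"] or not cond.get("estab"))

def verdict(sets, direction, pkt):  # first matching rule decides
    for num, action, cond in sets[direction]:
        if matches(cond, pkt):
            return f"{action} (rule {num})"
    return "deny (no rule matched)"
```

Run against constructed packets, a LAN host's outbound FTP control connection is permitted by `out` rule 2 with no reference to any service on the gateway, while `in` rule 6 permits any packet addressed to 192.168.1.0/24, including an unsolicited SYN that the narrower `estab` rules would not have matched.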