From: "Marwan Sultan"
To: freebsd-questions@freebsd.org
Date: Wed, 30 Nov 2005 08:09:46 +0000
Subject: portsentry question.

Hello Everyone,

I have FreeBSD 4.8-R up and running. Recently I installed portsentry from my updated ports and configured portsentry.conf to add the blocked IPs to ipfw. I also added all my allowed IPs to portsentry.ignore.

When I ssh to the box it works fine, but when I surf the web from any other machine outside the local network to www.mydomain.com, it adds me to the blocked list (ipfw) as an IP trying to scan port 80.

Also, when I try to surf the web locally from the box itself (lynx mydomain.com), the box adds itself to the blocked list (ipfw deny localhost ip), and then of course the whole machine hangs, although I added the class C machine xxx.xxx.xxx.0/24 IPs to the portsentry.ignore file.

Any ideas what to do to let people look at the web pages normally and use the web email client normally, while at the same time blocking any scan attempts? Is there any better package to do so? Note that it is a commercial server, running Apache and email clients, no anonymous.

Thank you so much in advance.

Marwan