From: "Ian P. Thomas"
Message-Id: <200106281552.LAA06736@scraemondaemon.my.domain>
Subject: firewall log output
To: freebsd-questions@freebsd.org
Date: Thu, 28 Jun 2001 11:52:47 -0400 (EDT)

After getting my cable connection working, I installed a firewall with IPFW. I have tinkered with the rules and it seems to work fine except for one small problem. I get these messages over and over again.

ipfw: 65435 Deny P:2 192.168.100.1 224.0.0.1 in via fxp0
ipfw: 65435 Deny UDP 24.49.96.221:2301 255.255.255.255:2301 in via fxp0
ipfw: 65435 Deny UDP 24.49.96.221:2301 255.255.255.255:2301 in via fxp0
ipfw: 65435 Deny UDP 24.49.96.221:2301 255.255.255.255:2301 in via fxp0

I couldn't find much info on port 2301 and I'm not sure what P:2 is. Here are my rules.

# set the firewall command
fwcmd="/sbin/ipfw"

# flush rules first
$fwcmd -f flush

# divert all packets to the fxp interface
$fwcmd add divert natd all from any to any via fxp0

# allow any data from the localhost
$fwcmd add allow ip from any to any via lo0

# allow any connections initiated by this host
$fwcmd add allow tcp from any to any out xmit fxp0 setup

# allow established connections to remain open
$fwcmd add allow tcp from any to any via fxp0 established

# reset ident packages, don't give out any info
$fwcmd add reset log tcp from any to any 113 in recv fxp0

# allow DHCP packets in and out, not sure if there is a better way to do
# this
$fwcmd add allow udp from any to any 68,67 out xmit fxp0
$fwcmd add allow udp from any 68,67 to any in recv fxp0

# allow for active ftp sessions, problems getting ports without this
$fwcmd add allow tcp from any to any 20 out xmit fxp0
$fwcmd add allow tcp from any 20 to any in recv fxp0

# allow outgoing requests to specific DNS servers
$fwcmd add allow udp from any to any 53 out xmit fxp0

# allow responses to DNS requests
$fwcmd add allow udp from any 53 to any in recv fxp0

# allow ping and traceroute
$fwcmd add 65435 allow icmp from any to any

# deny everything else
$fwcmd add 65435 deny log ip from any to any

Answers or links to further information are welcome.

Ian
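
Added example, not part of the original message: a small Python triage script for ipfw deny-log lines like the ones quoted above. It relies on two facts outside the post: ipfw prints "P:<n>" when it logs an IP protocol number it has no name for, and IANA assigns protocol number 2 to IGMP. The function names and the sample string are constructed for this example.

```python
import ipaddress
import re
from collections import Counter

# Constructed sample: the four log lines quoted in the message above.
SAMPLE_LOG = """\
ipfw: 65435 Deny P:2 192.168.100.1 224.0.0.1 in via fxp0
ipfw: 65435 Deny UDP 24.49.96.221:2301 255.255.255.255:2301 in via fxp0
ipfw: 65435 Deny UDP 24.49.96.221:2301 255.255.255.255:2301 in via fxp0
ipfw: 65435 Deny UDP 24.49.96.221:2301 255.255.255.255:2301 in via fxp0
"""

# IANA protocol numbers; the table is deliberately small (assumption: extend as needed).
PROTO_NAMES = {1: "ICMP", 2: "IGMP", 6: "TCP", 17: "UDP"}

LINE_RE = re.compile(
    r"ipfw: (?P<rule>\d+) (?P<action>\w+) (?P<proto>\S+) "
    r"(?P<src>[\d.]+)(?::(?P<sport>\d+))? "
    r"(?P<dst>[\d.]+)(?::(?P<dport>\d+))? "
    r"(?P<dir>in|out) via (?P<iface>\S+)"
)

def proto_name(field):
    """Turn 'P:2' into 'IGMP'; leave named protocols such as 'UDP' alone."""
    if field.startswith("P:"):
        num = int(field[2:])
        return PROTO_NAMES.get(num, f"proto-{num}")
    return field.upper()

def dst_kind(addr):
    """Classify the destination address: broadcast, multicast or unicast."""
    ip = ipaddress.ip_address(addr)
    if ip == ipaddress.ip_address("255.255.255.255"):
        return "broadcast"
    return "multicast" if ip.is_multicast else "unicast"

def summarize(log_text):
    """Count logged packets per (rule, action, protocol, dst kind, dst port)."""
    counts = Counter()
    for line in log_text.splitlines():
        m = LINE_RE.search(line)
        if not m:
            continue  # not an ipfw log line (search() tolerates a syslog prefix)
        counts[(int(m["rule"]), m["action"], proto_name(m["proto"]),
                dst_kind(m["dst"]), m["dport"])] += 1
    return counts

if __name__ == "__main__":
    for key, n in summarize(SAMPLE_LOG).most_common():
        print(n, *key)
```

On the sample it groups the noise into two buckets: one IGMP packet to a multicast address and three UDP broadcasts to port 2301, all caught by the final deny rule 65435.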