Date: Thu, 20 Mar 2003 13:50:35 -0600 From: Henrik Hudson <lists@rhavenn.net> To: "W. J. Williams" <willardjwilliams@yahoo.com>, freebsd-questions@freebsd.org Subject: Re: IPFW firewall rules not complete Message-ID: <200303201350.35462.lists@rhavenn.net> In-Reply-To: <20030320193828.98259.qmail@web13509.mail.yahoo.com> References: <20030320193828.98259.qmail@web13509.mail.yahoo.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thursday 20 March 2003 13:38, W. J. Williams wrote: > I am experimenting with IPFW firewalls and have hit a roadblock. I am > trying to allow ssh, mail, dns requests, pings and traceroutes out, but > not in. I am hitting a roadblock on mail and pings out Assuming that 192.168.0.0/29 is your internal block you've got the rules backwords. > > add 2000 allow tcp from any to 192.168.0.0/29 22,25,10000 setup This will let anything come in and establish a connection to a service running on 22, 25, 10000 but says nothing about outgoing. I think you want: add 2000 allow tcp from 192.168.0.0/29 to any 22,25,10000 setup Henrik -- Henrik Hudson lists@rhavenn.net You know, Hobbes, some days even my lucky rocket ship underpants don't help." Calvin To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200303201350.35462.lists>