Date: Sat, 13 May 2006 18:12:17 +0400 From: "Bob Goodman" <goodman@mac.hush.com> To: <stonerte@gmail.com> Cc: freebsd-questions@freebsd.org Subject: Re: Access from the internet Message-ID: <20060513141218.6F024DA820@mailserver8.hushmail.com>
next in thread | raw e-mail | index | archive | help
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Sat, 13 May 2006 06:30:37 +0400 Terry Stoner <stonerte@gmail.com> wrote: >Bob - > >I am keeping state with the port 21 rule. I am perplexed because >everything >works fine on the local LAN. > >On 5/12/06, Bob Goodman <goodman@mac.hush.com> wrote: >> >> -----BEGIN PGP SIGNED MESSAGE----- >> Hash: SHA1 >> >> >Hi my name is Terry Stoner. I just set up a new Firewall, >FreeBSD >> 6.0, and >> >am having trouble connecting from the internet. Basically I >want >> to ssh >> >from work. I set sshd_config to listen on all interfaces and >on >> port 21, >> >this port is not blocked outbound from work. I have ipfilter >> rules allowing >> >inbound on this port and interface. I setup port forwarding on >my >> netgear >> >router. When I do a tcpdump I see myself hitting the interface >of >> my >> >firewall, but sshd is not responding. I get to my box, but no >> dice. Do you >> >have any suggestions? I would appreciate it. >> > >> >Thank you, >> > >> >Terry Stoner >> > >> >> Are you certain that you allow both inbound traffic to your port >21 >> and outbound traffic from your port 21? Something with "keep >state" >> in the ipfilters ruleset? >> >> Bob Goodman >> -----BEGIN PGP SIGNATURE----- >> Note: This signature can be verified at >https://www.hushtools.com/verify >> Version: Hush 2.5 >> >> >wkYEARECAAYFAkRlA08ACgkQAQ09syE0bn45mQCeIcOn0hmTCdKRIEprgN543vJYb80 >A >> nig4TZ0WCEqQzJf6tAyiC4O0sTm+ >> =u018 >> -----END PGP SIGNATURE----- Could you for example stop your sshd, start "openssl s_server" listening on that interface port 21 and connect with "openssl s_client" from the internet? And what is happening with ipf disabled? -----BEGIN PGP SIGNATURE----- Note: This signature can be verified at https://www.hushtools.com/verify Version: Hush 2.5 wkYEARECAAYFAkRl6TIACgkQAQ09syE0bn4K7ACgkxcdMBl6S+BaqJmsGRdZoKvHp5sA nje118bNTFMvK/Jj8g0uNeZXHK+e =PA1P -----END PGP SIGNATURE----- Concerned about your privacy? Instantly send FREE secure email, no account required http://www.hushmail.com/send?l=480 Get the best prices on SSL certificates from Hushmail https://www.hushssl.com?l=485
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20060513141218.6F024DA820>