Date:      Mon, 31 Dec 2001 08:16:38 -0300 (ART)
From:      Fernando Gleiser <fgleiser@cactus.fi.uba.ar>
To:        Kjell <kmidtset@c2i.net>
Cc:        <freebsd-questions@FreeBSD.ORG>
Subject:   Re: ipf/ipnat rules for telnetting ADSL modem
Message-ID:  <20011231075211.V64709-100000@cactus.fi.uba.ar>
In-Reply-To: <20011231074149.E20DF7E20@mail.broadpark.no>

On Mon, 31 Dec 2001, Kjell wrote:

> List members!
> My firewall needs to telnet my Cisco ADSL modem to obtain the current IP
> address. What would be a secure set of ipfilter/ipnat rules considering that
> I would not like the world to telnet into my firewall?
> Regards from Kjell/LA3SG

If you want to telnet *from* your firewall, you don't need to open
telnet on your firewall. Add:

pass out quick on <outif> proto tcp from <fwip> to <modemip> port = 23 flags S keep state

Remember to add a default block rule:

block in quick all

where outif is the name of the outside interface, fwip is the IP of that
interface, and modemip is the IP of your modem.


			Fer
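
Added example, not part of the original message: the two rules above placed in a complete, ordered ipf.conf fragment. The interface name fxp0, the documentation addresses 192.0.2.1 (modem) and 192.0.2.2 (firewall), and the rules file path are constructed assumptions.

```conf
# ipf rules fragment (assumed file: /etc/ipf.rules).
# Assumptions: fxp0 = outside interface, 192.0.2.2 = firewall address on
# that interface, 192.0.2.1 = ADSL modem. Replace with real values.

# ipf normally applies the LAST matching rule; "quick" stops evaluation
# at the first match, so the order of the quick rules below matters.

# Loopback traffic is local to the firewall; pass it before the final block.
pass in  quick on lo0 all
pass out quick on lo0 all

# Outbound telnet from the firewall to the modem only. "flags S" matches
# the initial SYN and "keep state" creates a state entry for the session.
# Packets that match a state entry are passed without consulting the
# rule list, so the modem's replies need no inbound pass rule.
pass out quick on fxp0 proto tcp from 192.0.2.2 to 192.0.2.1 port = 23 flags S keep state

# Inbound telnet attempts to the firewall are dropped by the default
# block anyway; this rule only adds logging so attempts show up in ipmon.
block in log quick on fxp0 proto tcp from any to any port = 23

# Rules for the inside interface (not covered in the message) would go
# here, before the default block.

# Default: drop every inbound packet that is not part of a kept state.
block in quick all

# Load and check:
#   ipf -Fa -f /etc/ipf.rules   flush the active rules and load this file
#   ipfstat -io                 list the active in/out rules
#   ipfstat -sl                 list state entries while the telnet session is open
```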


