Date: 11 Oct 2004 13:42:51 -0400
From: Lowell Gilbert <freebsd-questions-local@be-well.ilk.org>
To: Norm Vilmer <norm@etherealconsulting.com>
Cc: freebsd-questions@freebsd.org
Subject: Re: Need help with IPFW rule
Message-ID: <44y8idqhgk.fsf@be-well.ilk.org>
In-Reply-To: <41674DF5.4010409@etherealconsulting.com>
References: <41674DF5.4010409@etherealconsulting.com>
Norm Vilmer <norm@etherealconsulting.com> writes:

> I get this message (below) on the console of my FreeBSD 4.10 firewall:
>
> Connection attempt to TCP <my public ip>:20388 from 61.151.248.42:80
> flags 0x12
>
> It appears that this is getting through the firewall and is logged to
> the console because log_in_vain is 1.
>
> Question: What IPFW rule would block this without interfering with
> normal http traffic on port 80 (I have Apache running on the box and
> nat'd machines on the inside interface that access the Internet)?

In most people's configurations, this would be getting blocked by a
default block-all rule. The users' connection out on port 80 would be
accepted by a rule that is specific to the outgoing direction, and
incoming packets on those connections would be accepted by either
keeping state or by letting in only non-SYN packets.

-- 
Lowell Gilbert, embedded/networking software engineer, Boston area
http://be-well.ilk.org:8088/~lowell/
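The shape Lowell describes, written out as a FreeBSD 4.x ipfw ruleset for the poster's situation (Apache on the box, natd in front of an inside network): a default block-all, direction-specific outbound allow rules, and replies admitted only through kept state. This is an added example, not code from the thread; the interface names, the public and inside addresses and the natd divert port are constructed assumptions, and state for LAN hosts is deliberately created on the inside leg so that it still matches after natd has translated the replies.

```shell
#!/bin/sh
# Added example, not code from the mailing-list thread. Constructed topology:
# outside interface fxp0 holding 203.0.113.5, inside interface fxp1 in front
# of 192.168.1.0/24, natd on divert port 8668. FreeBSD 4.x ipfw syntax.
oif="fxp0"
iif="fxp1"
pub_ip="203.0.113.5"
inside_net="192.168.1.0/24"
natd_port="8668"
fwcmd="${FWCMD:-/sbin/ipfw -q}"
# Emit the ruleset in evaluation order; '#' lines are commentary, not rules.
ruleset_text() {
    cat <<EOF
add 100 allow ip from any to any via lo0
# NAT first, so inbound replies are translated before the state lookup.
add 200 divert $natd_port ip from any to any via $oif
add 300 check-state
# LAN hosts: state is created on the inside leg, i.e. with untranslated
# addresses, which is what the translated replies carry after rule 200.
add 400 allow tcp from $inside_net to any in via $iif setup keep-state
add 410 allow udp from $inside_net to any 53 in via $iif keep-state
# The firewall's own outbound connections.
add 500 allow tcp from $pub_ip to any out via $oif setup keep-state
# Whatever leaves the outside interface was already allowed on the way in.
add 600 allow ip from any to any out via $oif
# Apache: only a SYN ("setup") may open a connection to port 80.
add 700 allow tcp from any to $pub_ip 80 in via $oif setup keep-state
# Default block-all. A stray SYN+ACK (flags 0x12) from some host's port 80
# matches no dynamic entry and is not "setup", so it stops here instead of
# reaching the TCP stack. Logging needs net.inet.ip.fw.verbose=1.
add 65000 deny log ip from any to any
EOF
}
# Load the ruleset into the kernel (root + ipfw required); skips comment lines.
apply_ruleset() {
    $fwcmd -f flush
    ruleset_text | while IFS= read -r line; do
        case "$line" in '#'*|'') continue ;; esac
        $fwcmd $line   # unquoted on purpose: each word is one ipfw argument
    done
}
# Number of real rules; a cheap sanity check before applying.
rule_count() { ruleset_text | grep -c '^add '; }
case "${1:-}" in
    apply) apply_ruleset ;;
    *)     ruleset_text ;;
esac
```

Run it with no argument to review the generated rules, and with `apply` on the firewall itself to load them.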