Skip site navigation (1)Skip section navigation (2)
Date:      Wed, 4 Oct 2006 18:32:01 +0000
From:      vittorio <vdemart1@tin.it>
To:        freebsd-questions@freebsd.org
Subject:   ipfw & cups
Message-ID:  <200610041832.02074.vdemart1@tin.it>

Next in thread | Raw E-Mail | Index | Archive | Help
As an IPFW newbye with the following rules I'm unable to use cupsd in the same 
box where ipfw is running; cups seems to hang endlessly (rule 631 is about 
the port 631).
What ami I missing
Ciao
Vittorio

# ipfw list
00500 check-state
00501 deny tcp from any to any established
00502 deny ip from any to any frag
00503 allow ip from any to any via lo0
00504 deny ip from any to any not verrevpath in
00505 deny ip from any to 127.0.0.0/8
00508 deny ip from 127.0.0.0/8 to any
00590 allow tcp from 10.155.100.0/24 to me dst-port 22,80 via iwi0 setup 
keep-state
00595 allow tcp from me to any dst-port 22,80,443 via iwi0 setup keep-state
00597 allow ip from me to any dst-port 20,21 out setup keep-state
00601 allow tcp from 10.155.100.0/24 to me dst-port 81,137-139,445 via iwi0 
setup keep-state
00602 allow udp from 10.155.100.0/24 to me dst-port 123,81,137,138,139,445 via 
iwi0 setup keep-state
00603 allow tcp from me to 10.155.100.0/24 dst-port 81,137-139,445 via iwi0 
setup keep-state
00604 allow udp from me to 10.155.100.0/24 dst-port 123,81,137,138,139,445 via 
iwi0 setup keep-state
00605 allow tcp from 10.155.100.0/24 to me dst-port 1024,5432,5900-5909 via 
iwi0 setup keep-state
00607 allow udp from 10.155.100.0/24 to me dst-port 1024,5432,5900-5909 via 
iwi0 setup keep-state
00608 allow tcp from any to 10.155.100.33 dst-port 1491
00609 allow tcp from 10.155.100.33 1491 to any
00610 allow tcp from me to any dst-port 53 out via iwi0 keep-state
00612 allow udp from me to any dst-port 53 out via iwi0 keep-state
00631 allow tcp from 10.155.100.0/24 to me dst-port 631
00650 allow tcp from any to any dst-port 25 out via iwi0 setup keep-state
00655 allow tcp from any to any dst-port 110 out via iwi0 setup keep-state
00700 allow icmp from 10.155.100.0/24 to any via iwi0
65535 deny ip from any to any



Want to link to this message? Use this URL: <http://docs.FreeBSD.org/cgi/mid.cgi?200610041832.02074.vdemart1>