Re: ipfw

From: Dag-Erling Smorgrav (des@ofug.org)
Date: 05/10/01

• Next message: Nate Williams: "Re: ipfw"
• Previous message: Dag-Erling Smorgrav: "Re: ipfw"
• In reply to: Michael Sharp: "Re: ipfw"
• Next in thread: Peter C. Lai: "Re: ipfw"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

To: Michael Sharp <msharp@medmail.com>
From: Dag-Erling Smorgrav <des@ofug.org>
Date: 10 May 2001 11:22:14 +0200

Michael Sharp <msharp@medmail.com> writes:
> But I need to block port 113, and allow 1 machine to get to port
> 113. HAVING to add ipfw add allow ip from any to any gets process
> before I would allow my 1 machine to port 113, thus allowing every
> machine to port 113

How about this: go read the ipfw(8) from top to bottom, paying
particular attention to the EXAMPLES section; then browse
/etc/rc.firewall. Having read this material, if you still don't
understand how ipfw works, feel free to ask questions on the
-questions mailing list. The -security list is for security issues,
not for "can't be bothered to read the docs" issues.

DES

-- 
Dag-Erling Smorgrav - des@ofug.org
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message

• Next message: Nate Williams: "Re: ipfw"
• Previous message: Dag-Erling Smorgrav: "Re: ipfw"
• In reply to: Michael Sharp: "Re: ipfw"
• Next in thread: Peter C. Lai: "Re: ipfw"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages Re: ipfw-ntad-jail ... > Ok, so I setup IPFW and NATd on my freeBSD 4.5-RELEASE box, ... > host (dagobah) ... > allow ftp (port 21) ... > add 00600 allow icmp from any to any icmptypes 3 ... (FreeBSD-Security) Re: New IPFW Setup. ... > Here is the ruleset I currently use on all the servers. ... Please don't mail freebsd-ipfw with questions about ipfw usage. ... This way any service loaded in a non-privileged port ... for FTP to work. ... (freebsd-questions) Re: Do you know any open source software which can so these security protection? ... A TCP/UDP port listenerIt ... Software that allow one to manage the ports to open/close in FreeBSD. ... You need to use standard FreeBSD's ipfw. ... and recompile and install new kernel. ... (FreeBSD-Security) RE: continued IPFW issues... (actually a lack of ability on my part) ... > I'm still having some sort of issues with ipfw rules on my server. ... When a connection is made to port 80 from an external host, ... host for the given action (inbound connections to port 80 in this case). ... (freebsd-questions) RE: ng_netflow: testers are welcome ... ng_netflow never see packets that denied by ipfw before tee rule). ... Ok, THEORETICALLY, the sockaddr of the packet read from a divert socket ... has a 'port number' set to the ipfw rule that caused the diversion. ... (freebsd-isp)

• Security
• UNIX
• Linux
• Coding
• Usenet

• News
• Mailing-Lists
• Newsgroups
• Service
• About
• Privacy
• Search
• Imprint