Re: PORTS necessary for surfing?
From: Bjorn (bjornxon@hotmail.com)Date: 01/05/02
- Previous message: Santa's Little Helper: "Router and IRC"
- In reply to: bargepole: "Re: PORTS necessary for surfing?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "Bjorn" <bjornxon@hotmail.com> Date: Sat, 05 Jan 2002 12:18:32 GMT
I have an FTP-server on the same computer as WinRoute but cant connect to it
from the outside as long as the WinRoute firewall is on. Have I missed
something again? :)
I have these rules:
Permit TCP Any host port= 20-21 -> Any host port= 20-21
Permit TCP Any host port=20 -> Any host port>1023
Permit TCP Any host port=21 -> Any host port>1023
..but it still doesnt work. If i shut the WinRoute-engine down people can
connect to the FTP-server program without problems.
Any tips?
/Bjorn
"bargepole" <jbhur@hotmail.com> wrote in message
news:LicY7.150127$KT.38907415@news4.rdc1.on.home.com...
> Winroute Pro, as early as version 3, allocated ports 61000 to 65535 for
> Winroute clients' outbound connections. A default Winroute gateway always
> connects to an Internet host using a port between 61000 and 65535. TCP
port
> 80 is the typical destination port of a client's web browser
communications.
>
> You're blocking the replies from the servers to which you're trying to
> connect.
>
> Here's a rule set suggestion to achieve what you want.
>
> Packet Filter
> Incoming
> Internet Interface
> Permit UDP Any host port=53 -> Any host port>1023
> Permit TCP Any host port=80 -> Any host port>1023
> Permit TCP Any host port=443 -> Any host port>1023
> Drop IP Any host -> Any host
>
> This rule set will allow DNS lookups, connections to standard HTTP and
HTTPS
> servers, and block any traffic from anywhere else. FTP, MSN, and mail
> connection attempts, for example, will fail until you provide rules (above
> the last) to allow such communication.
>
> "Bjorn" <bjornxon@hotmail.com> wrote in message
> news:1j5Y7.7262$l93.1866690@newsb.telia.net...
> > Hi
> > I'm using WinRoute Pro 3.0 on an old PC acting as a firewall and router.
> As
> > I understand it, port 80 is the one used for surfing so what I did was
to
> > close almost all incoming ports except for number 80. When I try to surf
> it
> > doesn't work and I can see on the logg-file that it's trying to get
> traffic
> > on some ports around 61000 so i open some of the up. It works for a
while
> > but then it stops and I see there's traffic on port 61100 or higher
trying
> > to get in. It seems to be counting upwards. When i open more ports it
> works
> > for a moment but soon it reaches the final open port and i have to open
> > more. What on earth is this?
> >
> > /bjorn
>
>
>
- Next message: Marcel Scherello: "Re: Ports necessary for running a FTP-server?"
- Previous message: Santa's Little Helper: "Router and IRC"
- In reply to: bargepole: "Re: PORTS necessary for surfing?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
