Re: Another ssh problem - it looks up after a couple of minutes.
From: Neil Hoggarth (njh_at_physiol.ox.ac.uk)
Date: 08/30/05
- Next message: G00gl3r: "How to limit session log file size w/SecureCRT?"
- Previous message: markus berges: "I cant authenticate a chrooted user"
- In reply to: Michael Laajanen: "Re: Another ssh problem - it looks up after a couple of minutes."
- Next in thread: Dave: "Re: Another ssh problem - it looks up after a couple of minutes."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Tue, 30 Aug 2005 15:53:49 +0000 (UTC)
In article <3nh83lF1h3h6U1@individual.net>,
Michael Laajanen <michael_laajanen@yahoo.com> wrote:
> Like this?
>
> pass in quick on hme1 proto tcp from any to any port = 22 flags S/SA
> keep state
Yes, but that's only for incoming connections (initiated by a remote
host). As Oscar said, you also want to make sure that outgoing
connections that are initiated from behind the firewall keep state:
pass out quick on hme1 proto tcp from any to any keep state
(assuming your security policy permits all outgoing traffic).
Regards,
-- Neil Hoggarth Departmental Computing Manager <neil.hoggarth@physiol.ox.ac.uk> Laboratory of Physiology http://www.physiol.ox.ac.uk/~njh/ University of Oxford, UK
- Next message: G00gl3r: "How to limit session log file size w/SecureCRT?"
- Previous message: markus berges: "I cant authenticate a chrooted user"
- In reply to: Michael Laajanen: "Re: Another ssh problem - it looks up after a couple of minutes."
- Next in thread: Dave: "Re: Another ssh problem - it looks up after a couple of minutes."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
