From owner-freebsd-questions@FreeBSD.ORG Wed Aug 4 09:37:32 2004 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 5FBAA16A4CE for ; Wed, 4 Aug 2004 09:37:32 +0000 (GMT) Received: from aiolos.otenet.gr (aiolos.otenet.gr [195.170.0.23]) by mx1.FreeBSD.org (Postfix) with ESMTP id E1B6943D5C for ; Wed, 4 Aug 2004 09:37:30 +0000 (GMT) (envelope-from keramida@ceid.upatras.gr) Received: from orion.daedalusnetworks.priv (aris.bedc.ondsl.gr [62.103.39.226])i749bQfU017472; Wed, 4 Aug 2004 12:37:27 +0300 Received: from orion.daedalusnetworks.priv (orion [127.0.0.1]) i74AcsGv033899; Wed, 4 Aug 2004 13:38:54 +0300 (EEST) (envelope-from keramida@ceid.upatras.gr) Received: (from keramida@localhost)i74Acmrw033841; Wed, 4 Aug 2004 13:38:48 +0300 (EEST) (envelope-from keramida@ceid.upatras.gr) Date: Wed, 4 Aug 2004 13:38:48 +0300 From: Giorgos Keramidas To: Srot BULL Message-ID: <20040804103848.GA31620@orion.daedalusnetworks.priv> References: <41109ABF.4090904@me.point.ne.jp> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <41109ABF.4090904@me.point.ne.jp> cc: freebsd-questions@freebsd.org Subject: Re: IPFW - Allowed but Denied is shown in my logs X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 04 Aug 2004 09:37:32 -0000 On 2004-08-04 17:13, Srot BULL wrote: > > This is found in my /etc/ipfw.rules > ### Allow out non-secure standard www function ### > $CMD 00200 allow tcp from any to any 80 out via $IFN setup keep-state > > ### Allow out send & get email function ### > $CMD 00230 allow tcp from any to any 25 out via $IFN setup keep-state > $CMD 00231 allow tcp from any to any 110 out via $IFN setup keep-state > > ### deny and log everything else that's trying to get out. ### > ### This rule enforces the block all by default logic. ### > $CMD 00299 deny log all from any to any out via $IFN > > Why are the above firewall logs telling me that it has denied my TCP > packets and yet I am not experiencing some problems in my emails and > access to the internet through port 80. [...] Show us the full ruleset. Otherwise we're just guessing...