From owner-freebsd-questions@FreeBSD.ORG  Wed Oct 13 05:31:46 2004
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 7B33A16A4CE
	for <freebsd-questions@freebsd.org>;
	Wed, 13 Oct 2004 05:31:46 +0000 (GMT)
Received: from greenhill.txc.net.au (greenhill.txc.net.au [202.61.171.2])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 488FA43D1D
	for <freebsd-questions@freebsd.org>;
	Wed, 13 Oct 2004 05:31:45 +0000 (GMT)
	(envelope-from tim@spyderweb.com.au)
Received: from bofh.spyderweb.com.au
	(static-9.235.240.220.dsl.comindico.com.au [220.240.235.9])
	i9D5VkdF017637	for <freebsd-questions@freebsd.org>;
	Wed, 13 Oct 2004 15:01:48 +0930 (CST)
	(envelope-from tim@spyderweb.com.au)
Received: from spyderweb.com.au (localhost [127.0.0.1])
	by bofh.spyderweb.com.au (8.13.1/8.13.1) with SMTP id i9D5VPmB001768
	for <freebsd-questions@freebsd.org>;
	Wed, 13 Oct 2004 15:01:26 +0930 (CST)
	(envelope-from tim@spyderweb.com.au)
Date: Wed, 13 Oct 2004 15:01:25 +0930
From: Tim Aslat <tim@spyderweb.com.au>
To: freebsd-questions@freebsd.org
Message-ID: <20041013150125.554264f8@bofh.spyderweb.com.au>
In-Reply-To: <20041013050424.GA87540@skytrackercanada.com>
References: <20041013033432.GA6977@skytrackercanada.com>
	<20041013123517.F7D6.LUKEK@meibin.net>
	<20041013050424.GA87540@skytrackercanada.com>
Organization: Spyderweb Consulting
X-Mailer: Sylpheed-Claws 0.9.12a (GTK+ 1.2.10; i386-portbld-freebsd5.2.1)
Mime-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Subject: Re: ipfw - denying all - what port for OE
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>,
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>,
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 13 Oct 2004 05:31:46 -0000

In the immortal words of David Banning
<david+dated+1098075866.4c9cf2@skytracker.ca>...

> My server is my desktop. My ipfw rules follow. Whenever I take
> out line 12000 is runs fine. When I put it back in I can't run
> OE. 
<snip>

You might want to try something like:

ipfw add allow ip from any to me 25  # SMTP
ipfw add allow ip from any to me 52  # DNS
ipfw add allow ip from any to me 67  # DHCP
ipfw add allow ip from any to me 80  # HTTP
ipfw add allow ip from any to me 110 # POP3
ipfw add allow ip from any to me 143 # IMAP
ipfw add allow ip from any to me 443 # HTTPS

and so forth.  Note the "from any to me" rather than "from any to any"

Hope this helps

Cheers

Tim


-- 
Tim Aslat <tim@spyderweb.com.au>
Spyderweb Consulting
http://www.spyderweb.com.au
Phone: +61 0401088479