From owner-freebsd-stable Sun Sep 2 12:23:37 2001 Delivered-To: freebsd-stable@freebsd.org Received: from obelix.spectraweb.ch (obelix.plusnet.ch [194.158.230.8]) by hub.freebsd.org (Postfix) with ESMTP id 31A4B37B403 for ; Sun, 2 Sep 2001 12:23:32 -0700 (PDT) Received: from pc-service.ch (abo-ls-14-2-2-dialup-68.spectraweb.ch [194.230.236.68]) by obelix.spectraweb.ch (8.11.2/8.9.3/SuSE Linux 8.9.3-0.1) with ESMTP id f82JNOT02539 for ; Sun, 2 Sep 2001 21:23:24 +0200 Received: (from martin@localhost) by pc-service.ch (8.11.3/8.11.3) id f82HiIE00291 for freebsd-stable@freebsd.org; Sun, 2 Sep 2001 19:44:18 +0200 (CEST) (envelope-from pcservice.schweizer@spectraweb.ch) Date: Sun, 2 Sep 2001 19:44:13 +0200 From: Martin Schweizer To: freebsd-stable@freebsd.org Subject: IPFirewall again Message-ID: <20010902194412.A279@pc-service.ch> Reply-To: Martin Schweizer Mime-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Disposition: inline Content-Transfer-Encoding: 8bit User-Agent: Mutt/1.2.5i Sender: owner-freebsd-stable@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG Hello If I use the following rules and I can connect via ftp (for example ftp.freebsd.org) but after the successful login I can't do "ls". The permissons are always denied. Why? Which port need I also? # DNS (läuft nur über UDP) ipfw add allow udp from me to any 53 keep-state # SMTP ipfw add allow tcp from me to any 25 keep-state ipfw add allow udp from me to any 25 keep-state # POP3 ipfw add allow tcp from me to any 110 keep-state ipfw add allow udp from me to any 110 keep-state # HTTP ipfw add allow tcp from me to any 80 keep-state ipfw add allow udp from me to any 80 keep-state # FTP ipfw add allow tcp from any to any 20 keep-state ipfw add allow udp from any to any 20 keep-state # FTP 2. ipfw add allow tcp from any to any 21 keep-state ipfw add allow udp from any to any 21 keep-state # SSH ipfw add allow tcp from me to any 22 keep-state ipfw add allow udp from me to any 22 keep-state # Telnet ipfw add allow tcp from me to any 23 keep-state ipfw add allow udp from me to any 23 keep-state # Ping / TraceRoute ipfw add allow icmp from me to any # Whois ipfw add allow tcp from me to any 63 keep-state ipfw add allow udp from me to any 63 keep-state # Gopher ipfw add allow tcp from me to any 70 keep-state ipfw add allow udp from me to any 70 keep-state # Finger ipfw add allow tcp from me to any 79 keep-state ipfw add allow udp from me to any 79 keep-state # NNTP ipfw add allow tcp from me to any 119 keep-state ipfw add allow udp from me to any 119 keep-state # NTP ipfw add allow tcp from me to any 123 keep-state ipfw add allow udp from me to any 123 keep-state -- Regards, Martin Schweizer PC-Service M. Schweizer; Gewerbehaus Schwarz; CH-8608 Bubikon Tel. +41 55 243 30 00; Fax: +41 55 243 33 22; http://www.pc-service.ch To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message