From: "Gerard Meijer"
Date: Mon, 3 Jan 2005 19:29:24 +0100
Subject: ipfw question (FreeBSD 4.11)

I run Apache webserver on my server with FreeBSD 4.11. I have a question about ipfw.
I have the following rules in my /etc/ipfw.conf:

    $cmd 00200 allow tcp from any to any 80 out via $pif setup keep-state
    $cmd 00400 allow tcp from any to any 80 in via $pif setup keep-state

(with $pif being my NIC)

Now, everything works fine for me, but I get a lot (and I mean a lot) of these kinds of messages in my log:

    [Date] [time] [host] /kernel: ipfw: 299 Deny TCP a.b.c.d:80 e.f.g.h:4472 out via em0
    [Date] [time] [host] /kernel: ipfw: 499 Deny TCP e.f.g.h:1882 a.b.c.d:80 in via em0

(with a.b.c.d being my IP and e.f.g.h being somebody else's IP).

I guess these people are not surfing through port 80??? Correct me if I'm wrong. How can I change ipfw's rules so that these people aren't blocked anymore?

Thanks in advance!
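
Added example, not part of the original post: a small Python tally of ipfw deny lines in the format quoted above, showing which rule numbers fire and whether each denied packet is leaving or arriving at the web server's port 80. The sample log lines, addresses and host name are constructed, and the function names are illustrative.

```python
import re
from collections import Counter

# Matches the kernel log format quoted in the post:
#   ... /kernel: ipfw: <rule> Deny TCP <src>:<sport> <dst>:<dport> <in|out> via <if>
DENY_RE = re.compile(
    r"ipfw: (?P<rule>\d+) Deny TCP "
    r"(?P<src>[\d.]+):(?P<sport>\d+) (?P<dst>[\d.]+):(?P<dport>\d+) "
    r"(?P<dir>in|out) via (?P<ifname>\S+)"
)

# Constructed sample lines (documentation addresses), not taken from the post.
SAMPLE_LOG = """\
Jan  3 19:20:01 www /kernel: ipfw: 299 Deny TCP 192.0.2.10:80 198.51.100.7:4472 out via em0
Jan  3 19:20:02 www /kernel: ipfw: 499 Deny TCP 198.51.100.7:1882 192.0.2.10:80 in via em0
Jan  3 19:20:05 www /kernel: ipfw: 499 Deny TCP 203.0.113.9:3301 192.0.2.10:80 in via em0
Jan  3 19:20:09 www /kernel: ipfw: 499 Deny TCP 203.0.113.9:3302 192.0.2.10:25 in via em0
Jan  3 19:20:11 www /kernel: sshd: unrelated line
"""

def classify(m, server_ip, port=80):
    """Say which side of a port-80 conversation a denied packet belongs to."""
    if m["dir"] == "out" and m["src"] == server_ip and int(m["sport"]) == port:
        return "server-reply"      # packet leaving our web server
    if m["dir"] == "in" and m["dst"] == server_ip and int(m["dport"]) == port:
        return "client-to-server"  # packet arriving for our web server
    return "other"

def summarize(log_text, server_ip):
    """Count denies per (rule, kind) and per remote peer for web traffic."""
    by_rule, by_peer = Counter(), Counter()
    for line in log_text.splitlines():
        m = DENY_RE.search(line)
        if not m:
            continue  # not an ipfw TCP deny line
        kind = classify(m, server_ip)
        by_rule[(int(m["rule"]), kind)] += 1
        if kind != "other":
            peer = m["dst"] if kind == "server-reply" else m["src"]
            by_peer[peer] += 1
    return by_rule, by_peer

if __name__ == "__main__":
    rules, peers = summarize(SAMPLE_LOG, "192.0.2.10")
    for (rule, kind), n in sorted(rules.items()):
        print(f"rule {rule:5d}  {kind:17s} {n}")
    for peer, n in peers.most_common():
        print(f"peer {peer:15s} {n}")
```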