From owner-freebsd-ipfw Fri Jul 19 1:57: 4 2002 Delivered-To: freebsd-ipfw@freebsd.org Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id BBBE537B400 for ; Fri, 19 Jul 2002 01:57:01 -0700 (PDT) Received: from srv1.cosmo-project.de (srv1.cosmo-project.de [213.83.6.106]) by mx1.FreeBSD.org (Postfix) with ESMTP id AD7A743E64 for ; Fri, 19 Jul 2002 01:57:00 -0700 (PDT) (envelope-from ticso@cicely5.cicely.de) Received: from cicely5.cicely.de (cicely5.cicely.de [IPv6:3ffe:400:8d0:301:200:92ff:fe9b:20e7]) (authenticated bits=0) by srv1.cosmo-project.de (8.12.3/8.12.3) with ESMTP id g6J8up0i009610 (version=TLSv1/SSLv3 cipher=EDH-RSA-DES-CBC3-SHA bits=168 verify=OK); Fri, 19 Jul 2002 10:56:56 +0200 (CEST) (envelope-from ticso@cicely5.cicely.de) Received: from cicely5.cicely.de (localhost [IPv6:::1]) by cicely5.cicely.de (8.12.1/8.12.1) with ESMTP id g6J8upFJ044882 (version=TLSv1/SSLv3 cipher=EDH-RSA-DES-CBC3-SHA bits=168 verify=NO); Fri, 19 Jul 2002 10:56:51 +0200 (CEST)?g (envelope-from ticso@cicely5.cicely.de) Received: (from ticso@localhost) by cicely5.cicely.de (8.12.1/8.12.1/Submit) id g6J8un4F044881; Fri, 19 Jul 2002 10:56:49 +0200 (CEST)?g (envelope-from ticso) Date: Fri, 19 Jul 2002 10:56:49 +0200 From: Bernd Walter To: Didier Rwitura Cc: ipfw@FreeBSD.ORG Subject: Re: disconection Message-ID: <20020719085648.GI41699@cicely5.cicely.de> Reply-To: ticso@cicely.de References: <200207181921.1340411.6@btsoftware.com> <005f01c22e83$e19188c0$b0120a0a@primustel.ca> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <005f01c22e83$e19188c0$b0120a0a@primustel.ca> X-Operating-System: FreeBSD cicely5.cicely.de 5.0-CURRENT i386 User-Agent: Mutt/1.5.1i Sender: owner-freebsd-ipfw@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On Thu, Jul 18, 2002 at 01:52:26PM -0400, Didier Rwitura wrote: > Thanx martin and Thomas > > - the auto-off is off completely .. I guess the reason is mostly the > firewall > > - to answer Thomas > > yeap i do > here are my ipfw rules : > > #allow ssh > add 00300 allow tcp from 216.254.136.110 to any ssh in setup keep-state > > add 00301 allow tcp from any to any out setup keep-state > > add 00302 allow tcp from any ssh to any out setup keep-state > add 00304 allow tcp from any to any ssh in > add 00305 allow tcp from any to any out setup keep-state add 299 check-states What is the duplicate 301/305 for? If you need 304 that's a good sign that packets for your session did not passed through a check-states. -- B.Walter COSMO-Project http://www.cosmo-project.de ticso@cicely.de Usergroup info@cosmo-project.de To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ipfw" in the body of the message