From owner-freebsd-ipfw Mon Dec 9 6:13:49 2002 Delivered-To: freebsd-ipfw@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 5DD1B37B401; Mon, 9 Dec 2002 06:13:48 -0800 (PST) Received: from diana.northnetworks.ca (att-ws20.switchview.com [216.13.70.20]) by mx1.FreeBSD.org (Postfix) with ESMTP id 565E343EC2; Mon, 9 Dec 2002 06:13:47 -0800 (PST) (envelope-from iaccounts@northnetworks.ca) Received: from northnetworks.ca ([192.168.0.250]) by diana.northnetworks.ca (8.11.6/8.11.6) with ESMTP id gB9EDYL59887; Mon, 9 Dec 2002 09:13:35 -0500 (EST) (envelope-from iaccounts@northnetworks.ca) Message-ID: <3DF4A4E0.9000906@northnetworks.ca> Date: Mon, 09 Dec 2002 09:12:48 -0500 From: Steve Bertrand User-Agent: Mozilla/5.0 (X11; U; FreeBSD i386; en-US; rv:1.0rc3) Gecko/20020524 X-Accept-Language: en-us, en MIME-Version: 1.0 To: "Crist J. Clark" Cc: freebsd-ipfw@FreeBSD.ORG Subject: Re: Auto-recover References: <3DEE16D7.1020706@northnetworks.ca> <20021207005118.GA57927@blossom.cjclark.org> Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Sender: owner-freebsd-ipfw@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG >On Wed, Dec 04, 2002 at 09:53:11AM -0500, Steve Bertrand wrote: > > >>No matter what I do, the auto-recover script (change_rules.sh) will not >>process my new rules properly when connected via ssh. I suspect that >>this is due to the flush at the top of my rules script. After >>modification of my firewall script, I have to log back into the box and >>the old rules are re-loaded. >> >>Is there something special that I have to add or remove from my ruleset >>to make this process work properly? >> >> > >What's in the temporary file, ${TMPDIR:-/tmp}/change_rules.XXXXXX, >when you log back in? > > All of the files here are empty files. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ipfw" in the body of the message From owner-freebsd-ipfw Sat Dec 14 3:20:32 2002 Delivered-To: freebsd-ipfw@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 7B3BF37B404 for ; Sat, 14 Dec 2002 03:20:31 -0800 (PST) Received: from sima.sita.kiev.ua (sima.sita.kiev.ua [193.193.223.17]) by mx1.FreeBSD.org (Postfix) with ESMTP id 0261743EA9 for ; Sat, 14 Dec 2002 03:20:29 -0800 (PST) (envelope-from ay@sita.kiev.ua) Received: (from ay@localhost) by sima.sita.kiev.ua (8.Who.Cares/8.Who.Cares) id gBEBKR854616 for fbsd-ipfw@sita.kiev.ua; Sat, 14 Dec 2002 13:20:27 +0200 (EET) (envelope-from ay) Date: Sat, 14 Dec 2002 13:20:26 +0200 From: Alexander Yeremenko To: fbsd-ipfw@sita.kiev.ua Subject: ftpd through firewall Message-ID: <20021214131949.A54596@sita.kiev.ua> References: <200212141115.gBEBFh754575@sima.sita.kiev.ua> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <200212141115.gBEBFh754575@sima.sita.kiev.ua>; from MAILER-DAEMON on Sat, Dec 14, 2002 at 01:15:43PM +0200 Sender: owner-freebsd-ipfw@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG I have a box, running lukemftpd with rc.firewall, containing: ${ipfw} add pass all from me to any ${ipfw} add pass tcp from any to me ftp ${ipfw} add pass udp from any to me When trying to execute ls or get from remote server session hungs in a state SYN_SENT, even if ftp -p executes. -- AY7-UANIC || AY15-RIPE To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ipfw" in the body of the message From owner-freebsd-ipfw Sat Dec 14 16:15:14 2002 Delivered-To: freebsd-ipfw@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 960D737B401 for ; Sat, 14 Dec 2002 16:15:13 -0800 (PST) Received: from mta3.srv.hcvlny.cv.net (mta3.srv.hcvlny.cv.net [167.206.5.9]) by mx1.FreeBSD.org (Postfix) with ESMTP id F135943E4A for ; Sat, 14 Dec 2002 16:15:12 -0800 (PST) (envelope-from agapon@excite.com) Received: from asv10.srv.hcvlny.cv.net (asv10.srv.hcvlny.cv.net [167.206.5.38]) by mta3.srv.hcvlny.cv.net (iPlanet Messaging Server 5.2 HotFix 1.05 (built Nov 6 2002)) with ESMTP id <0H7400L1OWP6C2@mta3.srv.hcvlny.cv.net> for freebsd-ipfw@freebsd.org; Sat, 14 Dec 2002 19:15:06 -0500 (EST) Received: from mta8.srv.hcvlny.cv.net (mta8.srv.hcvlny.cv.net [167.206.5.23]) by asv10.srv.hcvlny.cv.net (8.11.6/8.11.6) with ESMTP id gBF0F3w07528 for ; Sat, 14 Dec 2002 19:15:04 -0500 (EST) Received: from edge.foundation.invalid (ool-4352ef3f.dyn.optonline.net [67.82.239.63]) by mta8.srv.hcvlny.cv.net (iPlanet Messaging Server 5.2 HotFix 1.05 (built Nov 6 2002)) with ESMTP id <0H7400FKUWO8FP@mta8.srv.hcvlny.cv.net> for freebsd-ipfw@freebsd.org; Sat, 14 Dec 2002 19:14:32 -0500 (EST) Received: from localhost (localhost.foundation.invalid [127.0.0.1]) by edge.foundation.invalid (8.12.6/8.12.3) with ESMTP id gBF0F1S8000404; Sat, 14 Dec 2002 19:15:01 -0500 (EST envelope-from agapon@excite.com) Date: Sat, 14 Dec 2002 19:15:01 -0500 (EST) From: Andriy Gapon Subject: Re: ftpd through firewall X-X-Sender: avg@edge.foundation.invalid To: freebsd-ipfw@freebsd.org Cc: Alexander Yeremenko Message-id: <20021214191213.V400-100000@edge.foundation.invalid> MIME-version: 1.0 Content-type: TEXT/PLAIN; charset=US-ASCII Content-transfer-encoding: 7BIT Sender: owner-freebsd-ipfw@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG Does your client use a passive mode by a chance ? If yes, then you need to open ftp-data port too, of course. -- Andriy Gapon * "The worst part of communication is the illusion that it has actually occurred". M. Jenkins. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ipfw" in the body of the message