Date: Tue, 9 May 2000 18:34:23 -0700
From: "Dan O'Connor" <dan@mostgraveconcern.com>
To: <gnitzsch@csc.com>, <freebsd-questions@FreeBSD.ORG>
Subject: Re: Firewalls
Message-ID: <00da01bfba1f$e07ffd20$0200000a@danco>

>I am currently running version 3.2 of FreeBSD. I am trying to set up a firewall
>that will allow users on the system to "telnet" and "ftp" out of the system, but
>will not let any other type of connection to the system. I have been able to get
>everything to work correctly except the "ftp". I have been able to make the
>connection out to the remote hosts but have not been able to set up a rule that
>will allow the remote host to set up a connection to send the data. I am sure
>this has been done before, could someone show me the correct rule that will
>accomplish this?

Here's what I have in my /etc/rc.firewall script for FTP:

# FTP - Allow outbound, deny inbound
${fwcmd} add pass tcp from any 20 to any setup
${fwcmd} add deny log tcp from any to ${onet}:${omask} 21 in via ${oif} setup
${fwcmd} add pass tcp from any to ${inet}:${imask} 21 setup

# Uncomment these and comment-out 'deny' rule above to open up inbound FTP too
#${fwcmd} add pass log tcp from any to any 20 setup
#${fwcmd} add pass log tcp from any 21 to any setup
#${fwcmd} add pass log tcp from any to any 21 setup

Good luck!

--Dan

--
Dan O'Connor
On Matters of Most Grave Concern
http://www.mostgraveconcern.com

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message
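The three active rules from the message above, modelled as a first-match evaluator over constructed packets. This is an added example, not part of the original message or of FreeBSD's rc.firewall; it shows that `from any 20 to any setup` matches on source port alone, next to a narrower variant. The network values, the interface name `ed0` and the narrowed first rule (destination ports 1024-65535) are assumptions.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

# Assumed stand-ins for the rc.firewall variables (documentation/private ranges).
ONET = ipaddress.ip_network("192.0.2.0/24")   # ${onet}:${omask}
INET = ipaddress.ip_network("10.0.0.0/24")    # ${inet}:${imask}
OIF = "ed0"                                   # ${oif}

@dataclass
class Pkt:  # one TCP segment as the firewall sees it
    sport: int
    dst: str
    dport: int
    in_iface: Optional[str] = OIF   # interface it arrived on; None if outbound
    syn_only: bool = True           # SYN set, ACK clear

@dataclass
class Rule:  # only the match options the posted rules use; each ends in "setup"
    action: str
    sport: Optional[range] = None
    dnet: Optional[ipaddress.IPv4Network] = None
    dport: Optional[range] = None
    in_via: Optional[str] = None
    def matches(self, p: Pkt) -> bool:
        return (p.syn_only  # "setup" matches connection-opening segments only
                and (self.sport is None or p.sport in self.sport)
                and (self.dnet is None or ipaddress.ip_address(p.dst) in self.dnet)
                and (self.dport is None or p.dport in self.dport)
                and (self.in_via is None or p.in_iface == self.in_via))

POSTED = [
    Rule("pass", sport=range(20, 21)),                         # pass tcp from any 20 to any setup
    Rule("deny", dnet=ONET, dport=range(21, 22), in_via=OIF),  # deny log ... ${onet} 21 in via ${oif} setup
    Rule("pass", dnet=INET, dport=range(21, 22)),              # pass tcp from any to ${inet} 21 setup
]
# Assumed narrower first rule, not from the post: pass tcp from any 20 to any 1024-65535 setup
NARROWED = [Rule("pass", sport=range(20, 21), dport=range(1024, 65536))] + POSTED[1:]
def verdict(rules, p):  # first match wins, as in ipfw; None: no rule in this excerpt matched
    return next((r.action for r in rules if r.matches(p)), None)

# Constructed packets, all arriving on the outside interface for host 192.0.2.10.
FTP_DATA = Pkt(sport=20, dst="192.0.2.10", dport=40123)  # active-mode data channel from the server
FTP_CTRL = Pkt(sport=33000, dst="192.0.2.10", dport=21)  # inbound FTP control connection
TELNET = Pkt(sport=20, dst="192.0.2.10", dport=23)       # source port 20, destination telnet

if __name__ == "__main__":
    for p in (FTP_DATA, FTP_CTRL, TELNET):
        print(p, verdict(POSTED, p), verdict(NARROWED, p))
```

A `None` verdict means the packet is left to whatever rules follow the FTP excerpt, which the message does not show.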