From owner-freebsd-questions Mon Jan 1 13:33:14 2001 From owner-freebsd-questions@FreeBSD.ORG Mon Jan 1 13:33:11 2001 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mailbox.mcs.net (Mailbox.mcs.com [192.160.127.87]) by hub.freebsd.org (Postfix) with ESMTP id 0C0D037B400 for ; Mon, 1 Jan 2001 13:33:11 -0800 (PST) Received: (from tforrest@localhost) by mailbox.mcs.net (8.9.3/8.9.3) id PAA09574; Mon, 1 Jan 2001 15:33:03 -0600 (CST) (envelope-from tforrest) Message-Id: <200101012133.PAA09574@mailbox.mcs.net> From: "Tommy Forrest - KE4PYM" To: "freebsd-questions@FreeBSD.ORG" Date: Mon, 01 Jan 2001 16:36:08 -0500 Reply-To: "Tommy Forrest - KE4PYM" Priority: Normal X-Mailer: BluePrint Software Works PMMail2000 with Bandit Tagger98 MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit X-Tag: Bandit Tagger98 - Registered to : KE4PYM Subject: Writing firewall rules Sender: tforrest@mailbox.mcs.net Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Hi folks. I'm a little confused about writing firewall rules. Many of my rules are as follows ipfw add 1001 deny tcp from any to any 161 So I tried to do a little writing of my own. Specfically, I want to deny outside access (xl0) to port 901. So I tried: ipfw add 1099 deny tcp from xl0 to xl0 901 And it failed. Just got a screen full of ipfw fussing at my that I'd done the wront thing (tm). So how would I write a rule that would block outside access to a port while still allowing inside clients (xl1) access?? Also, why would the OS (4.0) report that a user has mail when, in real life, they start pine and find they have no mail? For example, as root, I get my daily output logs in my mail box. But when I delete them, log out and log back in I'm told I have mail, start pine and there is no mail. Tommy Forrest - KE4PYM - tforrest@mcs.net http://www.mcs.net/~tforrest And now, its time, for some useless, bandwidth wasting words of wisdom: OS/2: Windows with bullet-proof glass. PGP Public Key Fingerprint: E1FD 1327 D9D6 3D9A 6D5E 21CF 902D 41FC To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message