Date: Thu, 30 Sep 2004 22:32:16 +1000 From: "Steven Adams" <steve@drifthost.com> To: <steve@drifthost.com>, <freebsd-questions@freebsd.org> Subject: RE: IPFW Problem Message-ID: <20040930142936.8EB9543D1D@mx1.FreeBSD.org> In-Reply-To: <58844.61.88.244.4.1096525998.squirrel@61.88.244.4>
next in thread | previous in thread | raw e-mail | index | archive | help
When I add $fwcmd add allow ip from any to any established The messages go away, but when I remove it they come back, I ran a tcpdump it seems most of the packet just have ACK set? Im not to sure whats going on? Steven Adams steve@drifthost.com DriftNet Web Services http://www.drifthost.com Home: +61 2 94274857 Fax: +61 2 94274857 Mobile +61 (0) 404 085644 -----Original Message----- From: steve@drifthost.com [mailto:steve@drifthost.com] Sent: Thursday, 30 September 2004 4:33 PM To: freebsd-questions@freebsd.org Subject: IPFW Problem Hi, I am tryin to setup my Firewall on my server, so far i have the following. =========================================================== oif=bge0 fwcmd=ipfw $fwcmd -f flush $fwcmd add check-state $fwcmd add allow ip from any to any via lo0 $fwcmd add deny ip from any to 127.0.0.0/8 $fwcmd add deny all from any to any frag in via $oif $fwcmd add allow tcp from any to me 21,25,26,53,110,143,443,465,953,993,995,2082,2083,2086,2087,2089,2095,2096,2 627,6666,40000-49452 in via $oif keep-state setup $fwcmd add allow tcp from any to me 80 setup keep-state $fwcmd add allow udp from me 53 to any keep-state $fwcmd add allow udp from any to any 53 keep-state $fwcmd add allow all from me to any out via $oif setup keep-state $fwcmd add deny all from any to any 137,138,139,67,68 in $fwcmd add deny log all from me to any 22 $fwcmd add deny log all from any to any ====================================================== When i turn the firewall on i am getting this in my /var/log/security ======================================================== Sep 30 16:30:48 inertia kernel: ipfw: 1200 Deny TCP SOMECLIENT:2858 MYIP:80 in via bge0 Sep 30 16:30:48 inertia kernel: ipfw: 1200 Deny TCP SOMECLIENT:2864 MYIP:80 in via bge0 Sep 30 16:30:48 inertia kernel: ipfw: 1200 Deny TCP SOMECLIENT:2858 MYIP:80 in via bge0 Sep 30 16:30:48 inertia kernel: ipfw: 1200 Deny TCP MYIP:80 SOMECLIENT:1431 out via bge0 Sep 30 16:30:49 inertia kernel: ipfw: 1200 Deny TCP MYIP:80 SOMECLIENT:2694 out via bge0 Sep 30 16:30:49 inertia kernel: ipfw: 1200 Deny TCP MYIP:80 SOMECLIENT:3059 out via bge0 Sep 30 16:30:49 inertia kernel: ipfw: 1200 Deny TCP MYIP:80 SOMECLIENT:33077 out via bge0 Sep 30 16:30:49 inertia kernel: ipfw: 1200 Deny TCP MYIP:80 SOMECLIENT:33130 out via bge0 ============================================================== I am unsure to why i am getting theses, its like the check-state command is half working.. I can still browse my web server fine but im still getting theses messages. Anyone got any ideas? Thanks Steve _______________________________________________ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org"
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20040930142936.8EB9543D1D>