From owner-freebsd-questions Thu Jul 29 22:16:43 1999 Delivered-To: freebsd-questions@freebsd.org Received: from WEBBSD1.turnaround.com.au (webbsd1.turnaround.com.au [203.39.138.49]) by hub.freebsd.org (Postfix) with ESMTP id CB0D614DF4 for ; Thu, 29 Jul 1999 22:16:38 -0700 (PDT) (envelope-from A_Johns@TurnAround.com.au) Received: from tasajohns (dhcp64.turnaround.com.au [192.168.1.64]) by WEBBSD1.turnaround.com.au (8.8.7/8.8.7) with SMTP id PAA01422; Fri, 30 Jul 1999 15:34:58 +1000 (EST) (envelope-from A_Johns@TurnAround.com.au) From: "Andrew Johns" To: "paz" Cc: Subject: RE: ipchains in FreeBSD Date: Fri, 30 Jul 1999 15:12:01 +1000 Message-ID: <001001beda4a$0e51ceb0$4001a8c0@tasajohns.turnaround.com.au> MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook 8.5, Build 4.71.2173.0 In-Reply-To: Importance: Normal X-MimeOLE: Produced By Microsoft MimeOLE V4.72.3110.3 Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG No problem - fire up: 'tcpdump -s 1600 -x -w tcp.output' and then use something like ethereal to analyse the output, so that you can identify where it is failing and thence, why it is so. Then you'll be able to add rules to allow those packets back and forth through your firewall - I'd imagine that they'd be something along the lines of: ipfw add allow tcp 3568 from any to in ipfw add allow tcp 3569 from to any out These rules assume that it's using tcp, if not sub in udp instead. You may also want to limit the to a specified set of servers. HTH AJ > -----Original Message----- > From: paz [mailto:paz@apriori.net] > Sent: Friday, 30 July 1999 13:38 > To: Andrew Johns > Cc: freebsd-questions@FreeBSD.ORG > Subject: RE: ipchains in FreeBSD > > > > On Fri, 30 Jul 1999, Andrew Johns wrote: > > : > > : > I have a FreeBSD host on the internet full-time (apriori.net) with > : > appropriate firewall daemons running, but it fails to allow > : > some traffic > : > generated by other machines (admittedly Windows-based) on my > : [snip] > mode. Here was their reply: > > (included text) > =============================== > Date: 29 Apr 1999 12:33:42 -0700 > From: Support Inet > To: paz > Subject: Re: Delta Force black scree > > Delta Force will not connect properly through a proxy server, > due to the way proxy servers manage your ports. Delta Force > uses dynamic ports, but these are not in line with proxy > port routing. For those of you with firewalls, you can try > ports 0x0df0 and 0x0df1 (3568 and 3569). > > NovaLogic Tech. Support > =============================== > (end included text) > > cheers - > -- Philip. > > philip zimmermann paz@apriori.net > www.apriori.net ayer, ma usa > > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message