From owner-freebsd-questions  Fri Mar  3  1:34:27 2000
Delivered-To: freebsd-questions@freebsd.org
Received: from ns2.infologigruppen.se (ns2.infologigruppen.se [212.214.163.69])
	by hub.freebsd.org (Postfix) with ESMTP id 682B937B5F4
	for <freebsd-questions@FreeBSD.ORG>; Fri,  3 Mar 2000 01:34:23 -0800 (PST)
	(envelope-from Goran.Lowkrantz@infologigruppen.se)
Received: (from uucp@localhost)
	by ns2.infologigruppen.se (8.9.3/8.9.3) id KAA01863
	for <freebsd-questions@FreeBSD.ORG>; Fri, 3 Mar 2000 10:34:20 +0100 (CET)
	(envelope-from Goran.Lowkrantz@infologigruppen.se)
Received: from valhall.ign.se(192.168.3.1)
 via SMTP by bifrost-net.ign.se, id smtpdBW1861; Fri Mar  3 10:34:18 2000
Received: by valhall.ign.se with Internet Mail Service (5.5.2448.0)
	id <1S9R5SAK>; Fri, 3 Mar 2000 10:34:37 +0100
Message-ID: <B500F74C6527D311B61F0000C0DF5ADC0D49FF@valhall.ign.se>
From: "Lowkrantz, Goran" <Goran.Lowkrantz@infologigruppen.se>
To: freebsd-questions@FreeBSD.ORG
Subject: Attach to server on FW breaks
Date: Fri, 3 Mar 2000 10:34:36 +0100 
MIME-Version: 1.0
X-Mailer: Internet Mail Service (5.5.2448.0)
Content-Type: text/plain;
	charset="iso-8859-1"
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG


I am totaly at loss with this, just don't understand why it does not work
and can't find anything in the archives. Please enlighten me.

I have a FW based on FreeBSD 3.4-STABLE with ipfw. On this I try to run a
server listening to the external interface. I have added the following rule:

allow log tcp from X.X.X.X to Y.Y.Y.Y Z setup

When connecting, I get the following entry in the log:

Mar  3 10:03:22 ns2 /kernel: ipfw: 3900 Accept TCP X.X.X.X:13955 Y.Y.Y.Y:Z
in via xl0

and they both wait for the client to send the first data. On the first send
from the client, the connection is broken and the server receives an EOF.

I have the server in hosts.allow and even tested with an ALL:ALL:allow first
rule but it's the same either way. And yes, rebooted between test to make
sure it was seen.

I just don't understand whats happening, as the filterline before this is
the smtpd accept line, looking like this

allow log tcp from any to Y.Y.Y.Y 25 setup

and it works!

I need new ideas!! 

Cheers,
	GLZ

---
Goran Lowkrantz         Email    : goran.lowkrantz@infologigruppen.se
Infologigruppen Alfa AB Telephone: Nat    070-587 8782 Fax: Nat    070-615
8782
Box 202                            Int +46 70-587 8782      Int +46 70-615
8782
941 25 Pitea,  Sweden   


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message