Date: Fri, 3 Mar 2000 11:40:17 +0100
From: "Lowkrantz, Goran" <Goran.Lowkrantz@infologigruppen.se>
To: "'Marc Silver'" <marcs@is.co.za>, "Lowkrantz, Goran" <Goran.Lowkrantz@infologigruppen.se>
Cc: freebsd-questions@FreeBSD.ORG
Subject: RE: Attach to server on FW breaks
Message-ID: <B500F74C6527D311B61F0000C0DF5ADC0D4A03@valhall.ign.se>

Hi Mark,

01300 allow tcp from any to any established

I have the line you refer to. It's before the one that I added for the
server (03900).

Cheers,
GLZ

> -----Original Message-----
> From: Marc Silver [mailto:marcs@is.co.za]
> Sent: Friday, March 03, 2000 11:36 AM
> To: Lowkrantz, Goran
> Cc: freebsd-questions@FreeBSD.ORG
> Subject: Re: Attach to server on FW breaks
>
>
> Have you got something like this in your firewall config?
>
> # Allow TCP through if setup succeeded
> $fwcmd add pass tcp from any to any established
>
> This is taken from /etc/rc.firewall. What it sounds like to me (and I
> could be wrong) is that the connection is being accepted and then
> afterwards the packets are being truncated by the firewall because you
> don't have that line in.
>
> Try it and hopefully it will work.
>
> Cheers,
> Marc
>
> On Fri, Mar 03, 2000 at 10:34:36AM +0100, Lowkrantz, Goran wrote:
> >
> > I am totally at a loss with this, just don't understand why it does not work
> > and can't find anything in the archives. Please enlighten me.
> >
> > I have a FW based on FreeBSD 3.4-STABLE with ipfw. On this I try to run a
> > server listening to the external interface. I have added the following rule:
> >
> > allow log tcp from X.X.X.X to Y.Y.Y.Y Z setup
> >
> > When connecting, I get the following entry in the log:
> >
> > Mar 3 10:03:22 ns2 /kernel: ipfw: 3900 Accept TCP X.X.X.X:13955 Y.Y.Y.Y:Z in via xl0
> >
> > and they both wait for the client to send the first data. On the first send
> > from the client, the connection is broken and the server receives an EOF.
> >
> > I have the server in hosts.allow and even tested with an ALL:ALL:allow first
> > rule but it's the same either way. And yes, rebooted between tests to make
> > sure it was seen.
> >
> > I just don't understand what's happening, as the filter line before this is
> > the smtpd accept line, looking like this
> >
> > allow log tcp from any to Y.Y.Y.Y 25 setup
> >
> > and it works!
> >
> > I need new ideas!!
> >
> > Cheers,
> > GLZ
> >
> > ---
> > Goran Lowkrantz          Email    : goran.lowkrantz@infologigruppen.se
> > Infologigruppen Alfa AB  Telephone: Nat 070-587 8782     Fax: Nat 070-615 8782
> > Box 202                             Int +46 70-587 8782       Int +46 70-615 8782
> > 941 25 Pitea, Sweden
> >
> >
> > To Unsubscribe: send mail to majordomo@FreeBSD.org
> > with "unsubscribe freebsd-questions" in the body of the message
>
> --
>
> Marc Silver
> IS Hosting Infrastructure
> The Internet Solution
> Tel: (+27 11) 283 5500
> Fax: (+27 11) 283 5001
> E-mail: marcs@is.co.za
> Web: www.is.co.za
>

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message
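
Added example (not part of the original messages, and not ipfw code): a small Python model of first-match rule evaluation for the two TCP options discussed in this thread, showing which rule each packet of a session hits with and without the "established" rule. It assumes the documented ipfw(8) meanings of "setup" (SYN set, ACK clear) and "established" (RST or ACK set) and a default deny rule 65535; addresses, ports and interfaces are not modelled, and the packet sequence is constructed.

```python
# Simplified model of ipfw first-match evaluation for TCP flag options.
# Assumption: default rule 65535 is "deny" (kernel not built default-to-accept).
SYN, ACK, RST, PSH = "SYN", "ACK", "RST", "PSH"


def matches(option, flags):
    """'setup' = SYN set and ACK clear; 'established' = RST or ACK set."""
    if option == "setup":
        return SYN in flags and ACK not in flags
    if option == "established":
        return bool({RST, ACK} & flags)
    raise ValueError(f"unmodelled option: {option}")


def evaluate(rules, flags, default=(65535, "deny")):
    """Return (rule number, action) of the first rule matching the packet."""
    for number, action, option in sorted(rules):
        if matches(option, flags):
            return number, action
    return default


# Constructed packet sequence: handshake, then the client's first data segment.
SESSION = [
    ("client SYN", {SYN}),
    ("server SYN+ACK", {SYN, ACK}),
    ("client ACK", {ACK}),
    ("client first data", {PSH, ACK}),
]

# Rule numbers as quoted in the thread: 1300 (established), 3900 (setup).
WITH_ESTABLISHED = [(1300, "allow", "established"), (3900, "allow", "setup")]
SETUP_ONLY = [(3900, "allow", "setup")]


def trace(rules):
    """List (packet, rule number, action) for every packet in SESSION."""
    return [(name, *evaluate(rules, flags)) for name, flags in SESSION]


if __name__ == "__main__":
    for label, rules in (("1300 + 3900", WITH_ESTABLISHED),
                         ("3900 only", SETUP_ONLY)):
        print(label)
        for name, number, action in trace(rules):
            print(f"  {name:18} -> rule {number:5} {action}")
```

In this model only the initial SYN reaches rule 3900, which matches the single "3900 Accept" log entry quoted above; every later packet is decided by rule 1300, which carries no log keyword.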