From owner-freebsd-questions Sat Feb 5 12:54:20 2000
Delivered-To: freebsd-questions@freebsd.org
Received: from subcellar.mwci.net (subcellar.mwci.net [205.254.160.2]) by builder.freebsd.org (Postfix) with ESMTP id 2AB804620 for ; Sat, 5 Feb 2000 12:54:03 -0800 (PST)
Received: from sean.mwci.net (kb0lcj-10.dbq.mwci.net [209.207.4.10]) by subcellar.mwci.net (8.8.8/8.8.8) with SMTP id OAA24952 for ; Sat, 5 Feb 2000 14:54:12 -0600 (CST)
To: freebsd-questions@freebsd.org
Subject: Can't connect to localhost..
From: "Sean Heber"
Reply-To: sheber@mwci.net
Date: Sat, 05 Feb 2000 14:54:11 -0600
Content-Type: text/plain; charset="ISO-8859-1"
Message-ID: <949784051_PM_BeOS.sheber@mwci.net>
MIME-Version: 1.0
X-Mailer: Postmaster 1.1 for BeOS
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

I suspect this is due to a firewall rule, but I'm afraid of locking myself out of the system so I would appreciate some advice on what rule I need to add/edit to allow me to connect to localhost at least to send mail via SMTP. Some programs don't like the fact that they can't connect to localhost (fetchmail... :-) Someone else helped me put together my current list of rules.

Here's what I get:

$ telnet 127.0.0.1 25
Trying 127.0.0.1...
telnet: Unable to connect to remote host: Permission denied

Here's my current rule list:

# Stop RFC1918 nets on the outside interface
$fwcmd add deny log all from 192.168.0.0:255.255.0.0 to any in recv ${oif}
$fwcmd add deny log all from 172.16.0.0:255.240.0.0 to any in recv ${oif}
$fwcmd add deny log all from 10.0.0.0:255.0.0.0 to any in recv ${oif}

# Allow any ip (tcp and udp) packets to go out the outside interface
$fwcmd add pass all from any to any out xmit ${oif}

# Allow established tcp connections from outside interface
$fwcmd add pass tcp from any to any in recv ${oif} established

#allows smtp
$fwcmd add pass log tcp from any to any 25 in recv ${oif} setup

#allows ssh
$fwcmd add pass log tcp from any to any 22 in recv ${oif} setup

#allows ftp
$fwcmd add pass log tcp from any to any 20 in recv ${oif} setup
$fwcmd add pass log tcp from any to any 21 in recv ${oif} setup
$fwcmd add pass log tcp from any 20 to any in recv ${oif} setup
$fwcmd add pass log tcp from any 21 to any in recv ${oif} setup

#allows http
$fwcmd add pass log tcp from any to any 80 in recv ${oif} setup

#allows https
$fwcmd add pass log tcp from any to any 443 in recv ${oif} setup

#allows pop3
$fwcmd add pass log tcp from any to any 110 in recv ${oif} setup

# Deny and log setup of any other tcp connections from outside interface
$fwcmd add deny log tcp from any to any in recv ${oif} setup

# Allow replies to DNS queries from outside interface
$fwcmd add pass udp from any 53 to any 1024-65535 in recv ${oif}
$fwcmd add pass udp from any to any 53 in recv ${oif}

# Allow outbound pings
$fwcmd add pass icmp from any to any in recv ${oif} icmptypes 0
$fwcmd add pass icmp from any to any out xmit ${oif} icmptypes 8

# Allow outbound traceroutes
$fwcmd add pass icmp from any to any in recv ${oif} icmptypes 3
$fwcmd add pass icmp from any to any in recv ${oif} icmptypes 11

# Allow ntp packets
$fwcmd add pass udp from any ntp to any ntp in recv ${oif}

# Everything else is denied by default, but let's log it too
$fwcmd add 65534 deny log ip from any to any

Thanks!

l8r
Sean

http://www.bebits.com/
BeBits - Lots of BeOS stuff.

-----------------------------------
This message was sent with the demo version of Postmaster, a BeOS mail client. For more information, please visit http://kennyc.com/postmaster

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message
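
Added example, not part of the original message: a small sh/awk check of which rule decides a TCP packet on a given interface, run over an excerpt of the rule list above. It models only the protocol field and the recv/xmit/via qualifier (an assumption; addresses, ports and flags are ignored), the function names are hypothetical, and the `via lo0` rule is the one from the stock FreeBSD /etc/rc.firewall, not from the post.

```sh
#!/bin/sh
# Added example (not from the original message).
# Simplified model: a rule can decide a packet only if its protocol fits and
# its recv/xmit/via qualifier, if any, names the packet's interface.

# first_rule_for IFACE PROTO : rules on stdin, prints "<action> <rule text>"
first_rule_for() {
    awk -v ifc="$1" -v proto="$2" '
    /^[ \t]*(#|$)/ { next }                 # skip comments and blank lines
    {
        i = 1
        if ($i == "$fwcmd" || $i == "ipfw") i++
        if ($i == "add") i++
        if ($i ~ /^[0-9]+$/) i++            # optional explicit rule number
        action = $i; i++
        if ($i == "log") i++
        p = $i                              # protocol field
        if (p != "all" && p != "ip" && p != proto) next
        bound = ""
        for (j = i; j < NF; j++)
            if ($j == "recv" || $j == "xmit" || $j == "via") bound = $(j + 1)
        if (bound != "" && bound != ifc) next   # tied to another interface
        print action " " $0
        exit                                # ipfw is first-match
    }'
}

# Excerpt of the posted rule list; ${oif} is kept literal on purpose.
page_rules() {
    cat <<'EOF'
$fwcmd add deny log all from 10.0.0.0:255.0.0.0 to any in recv ${oif}
$fwcmd add pass all from any to any out xmit ${oif}
$fwcmd add pass tcp from any to any in recv ${oif} established
$fwcmd add pass log tcp from any to any 25 in recv ${oif} setup
$fwcmd add deny log tcp from any to any in recv ${oif} setup
$fwcmd add pass udp from any to any 53 in recv ${oif}
$fwcmd add 65534 deny log ip from any to any
EOF
}

# Same list with a loopback pass rule placed first (as in stock rc.firewall).
fixed_rules() {
    printf '%s\n' '$fwcmd add 100 pass all from any to any via lo0'
    page_rules
}

echo "posted list, lo0: $(page_rules  | first_rule_for lo0 tcp)"
echo "with lo0 rule:    $(fixed_rules | first_rule_for lo0 tcp)"
```

Every pass rule in the posted list is bound to ${oif}, so the only rule that can apply on lo0 is 65534, and a packet ipfw denies on output is reported to the sender as "Permission denied".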