From owner-freebsd-security Thu Jun 7 11:12:48 2001 Delivered-To: freebsd-security@freebsd.org Received: from imr1.ericy.com (imr1.ericy.com [208.237.135.240]) by hub.freebsd.org (Postfix) with ESMTP id 6614A37B403 for ; Thu, 7 Jun 2001 11:12:44 -0700 (PDT) (envelope-from Antoine.Beaupre@ericsson.ca) Received: from mr6.exu.ericsson.se (mr6u3.ericy.com [208.237.135.123]) by imr1.ericy.com (8.11.3/8.11.3) with ESMTP id f57ICfa24328; Thu, 7 Jun 2001 13:12:41 -0500 (CDT) Received: from noah.lmc.ericsson.se (noah.lmc.ericsson.se [142.133.1.1]) by mr6.exu.ericsson.se (8.11.3/8.11.3) with ESMTP id f57ICe902824; Thu, 7 Jun 2001 13:12:40 -0500 (CDT) Received: from lmc35.lmc.ericsson.se (lmc35.lmc.ericsson.se [142.133.16.175]) by noah.lmc.ericsson.se (8.11.2/8.9.2) with ESMTP id f57ICdG21289; Thu, 7 Jun 2001 14:12:40 -0400 (EDT) Received: by lmc35.lmc.ericsson.se with Internet Mail Service (5.5.2653.19) id ; Thu, 7 Jun 2001 14:12:39 -0400 Received: from lmc.ericsson.se (lmcpc100455.pc.lmc.ericsson.se [142.133.23.150]) by LMC37.lmc.ericsson.se with SMTP (Microsoft Exchange Internet Mail Service Version 5.5.2653.13) id M3YLLHMG; Thu, 7 Jun 2001 14:12:31 -0400 From: "Antoine Beaupre (LMC)" To: "Karsten W. Rohrbach" Cc: freebsd-security@FreeBSD.ORG Message-ID: <3B1FC40D.68911B9D@lmc.ericsson.se> Date: Thu, 07 Jun 2001 14:12:29 -0400 Organization: LMC, Ericsson Research Canada X-Mailer: Mozilla 4.77 [en]C-CCK-MCD (WinNT; U) X-Accept-Language: en,fr-CA,fr MIME-Version: 1.0 Subject: Re: IPFW rules > ports still open! References: <009e01c0ef55$da422340$9201a8c0@home.net><1569370004.20010607180037@mail.spbnit.ru><0e4001c0ef5c$034299e0$241da8c0@ke.balt.net><20010607190013.4a57045e.nikolaj@mail.spbnit.ru><02ab01c0ef6b$b1002610$0900a8c0@windows> <42123753718.20010607201244@sandy.ru> <02de01c0ef74$79397f70$0900a8c0@windows> <20010607200615.P59617@mail.webmonster.de> Content-Type: text/plain; charset=iso-8859-1 Content-Transfer-Encoding: 8bit Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org FWIW, I had some problems adding rules in the format: allow tcp from any to ip 22,3932-32023 I think the parser needs revision... But you have a good hint there, putting the rules in the same rule # A. "Karsten W. Rohrbach" wrote: > > Marcel Dijk(nascar24@home.nl)@2001.06.07 19:08:29 +0000: > > > M> add 615 allow tcp from any to MY_IP 22,5618,10000 > > > M> add 625 allow tcp from MY_IP to any > try: > > add 615 allow tcp from any to MY_IP 22 > add 615 allow tcp from any to MY_IP 5618 > add 615 allow tcp from any to MY_IP 10000 > add 625 allow tcp from MY_IP to any > > perhaps there exist some side effects in the rule parser? > > /k > > -- > > God isn't dead -- he's been busted. > KR433/KR11-RIPE -- WebMonster Community Founder -- nGENn GmbH Senior Techie > http://www.webmonster.de/ -- ftp://ftp.webmonster.de/ -- http://www.ngenn.net/ > karsten&rohrbach.de -- alpha&ngenn.net -- alpha&scene.org -- catch@spam.de > GnuPG 0x2964BF46 2001-03-15 42F9 9FFF 50D4 2F38 DBEE DF22 3340 4F4E 2964 BF46 > > ------------------------------------------------------------------------ > Part 1.2Type: application/pgp-signature -- La sémantique est la gravité de l'abstraction. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message