From owner-freebsd-questions Fri May 12 13:22: 5 2000 Delivered-To: freebsd-questions@freebsd.org Received: from nscache2.x-treme.gr (mail1.x-treme.gr [212.120.196.23]) by hub.freebsd.org (Postfix) with ESMTP id 2503D37B978 for ; Fri, 12 May 2000 13:21:55 -0700 (PDT) (envelope-from keramida@ceid.upatras.gr) Received: from hades.hell.gr (pat47.x-treme.gr [212.120.197.239]) by nscache2.x-treme.gr (8.9.3/8.9.3/IPNG-ADV-ANTISPAM-0.1) with ESMTP id XAA08481; Fri, 12 May 2000 23:21:48 +0300 Received: (from charon@localhost) by hades.hell.gr (8.10.1/8.10.1) id e4CKLjK76208; Fri, 12 May 2000 23:21:45 +0300 (EEST) Date: Fri, 12 May 2000 23:21:44 +0300 From: Giorgos Keramidas To: Steffen Vorrix Cc: freebsd-questions@FreeBSD.ORG Subject: Re: Firewall Problem? Message-ID: <20000512232144.A76165@hades.hell.gr> References: <002b01bfbb8d$744958d0$fd03a8c0@ws028> <20000512002059.A64407@hades.hell.gr> <000f01bfbb8f$8c797230$fd03a8c0@ws028> <20000512003659.C64407@hades.hell.gr> <005701bfbb91$fc3d6fc0$fd03a8c0@ws028> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Mailer: Mutt 1.0.1i In-Reply-To: <005701bfbb91$fc3d6fc0$fd03a8c0@ws028>; from steffen@ntr.net on Thu, May 11, 2000 at 05:43:44PM -0400 Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Thu, May 11, 2000 at 05:43:44PM -0400, Steffen Vorrix wrote: > Here is the client side firewall ruleset: > > 00010 1047807 694950842 divert 8668 ip from any to any via fxp0 > 00015 2106420 1391179792 allow ip from any to any > 65535 4 630 deny ip from any to any > > I have also opened up the server side completely with the following ruleset. > > 00010 63013227 25044329410 divert 8668 ip from any to any via fxp0 > 65000 119486149 49311863501 allow ip from any to any > 65535 0 0 deny ip from any to any If even with these rules in place, you still can not connect from machine A to machine B, one of two things can be the case: 1. Some machine "between" A and B is filtering out traffic. 2. Some other problem in the network setup of either A or B exists. With 'allow ip from any to any', the two machines are definitely not blocking *any* traffic at all. - giorgos To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message