Date: Sat, 11 Mar 2000 08:40:34 -0800
From: "Dan O'Connor" <dan@jgl.reno.nv.us>
To: "Mark Smith" <msmith@beta.tricity.wsu.edu>, <freebsd-questions@FreeBSD.ORG>
Subject: Re: ppp filter problems!
Message-ID: <006101bf8b78$8bef10a0$0200000a@danco.home>

>I'm having a problem with filtering on my FreeBSD 3.4R box. I'm using
>user PPP. When I use the following rule set, I can ping out and in,
>and telnet out but NOT telnet into my box via tun0. When I use tcpdump
>to watch tun0, I don't see any packets for telnet coming in. Does
>anybody have any ideas?
>
> set filter in 0 permit icmp
> set filter out 0 permit icmp
> set filter in 1 permit udp src eq 53
> set filter out 1 permit udp dst eq 53
> set filter in 2 permit tcp src eq 23 estab
> set filter out 2 permit tcp dst eq 23
> set filter in 3 permit tcp src eq 80
> set filter out 3 permit tcp dst eq 80
> set filter in 4 permit tcp dst eq 113
> set filter out 4 permit tcp src eq 113

I think you need these rules also:

 set filter in 5 permit tcp dst eq 23
 set filter out 5 permit tcp src eq 23

Of course, I would be remiss if I didn't say that allowing folks on the
outside to telnet in is *a bad idea.* You should be using SSH on port 22
if you want to allow access into your machine from the Internet.

--Dan

** The thing I like most about Windows 98 is...
** You can download FreeBSD with it!

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message
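
Added example (not part of the original message and not ppp's own code): a small Python model of how the two rule sets in this thread are evaluated, showing that the original set discards the first SYN of an inbound telnet connection while the suggested rule 5 pair admits it. It assumes first-match evaluation with default discard and treats `estab` as "ACK flag set"; the function names and the packet values are constructed for illustration.

```python
# Simplified model of user-ppp filter evaluation. Assumptions: rules are tried
# in rule-number order, the first match decides, a packet matching no rule of
# a defined set is discarded, and "estab" means the TCP ACK flag is set.
import re

RULE = re.compile(r"set filter (in|out) (\d+) (permit|deny) (icmp|udp|tcp)"
                  r"(?: (src|dst) eq (\d+))?( estab)?$")

def parse(text):
    """Parse rule lines into {'in': [...], 'out': [...]}, sorted by number."""
    sets = {"in": [], "out": []}
    for line in text.strip().splitlines():
        m = RULE.match(line.strip())
        if not m:
            raise ValueError("unsupported rule: " + line)
        direction, num, action, proto, side, port, estab = m.groups()
        sets[direction].append(
            (int(num), action, proto, side, int(port or 0), bool(estab)))
    return {d: sorted(r, key=lambda x: x[0]) for d, r in sets.items()}

def verdict(sets, direction, proto, sport=0, dport=0, ack=False):
    """Return (action, rule number); the number is None on default discard."""
    for num, action, rproto, side, port, estab in sets[direction]:
        if rproto != proto or (estab and not ack):
            continue
        if side and port != (sport if side == "src" else dport):
            continue
        return action, num
    return "deny", None

ORIGINAL = """
set filter in 0 permit icmp
set filter out 0 permit icmp
set filter in 1 permit udp src eq 53
set filter out 1 permit udp dst eq 53
set filter in 2 permit tcp src eq 23 estab
set filter out 2 permit tcp dst eq 23
set filter in 3 permit tcp src eq 80
set filter out 3 permit tcp dst eq 80
set filter in 4 permit tcp dst eq 113
set filter out 4 permit tcp src eq 113
"""
SUGGESTED = ORIGINAL + """set filter in 5 permit tcp dst eq 23
set filter out 5 permit tcp src eq 23
"""
# Constructed packet: first SYN of an inbound telnet session, client port 40000.
SYN_IN = dict(direction="in", proto="tcp", sport=40000, dport=23, ack=False)
if __name__ == "__main__":
    print(verdict(parse(ORIGINAL), **SYN_IN), verdict(parse(SUGGESTED), **SYN_IN))
```

In the original set the only inbound rule mentioning port 23 matches on the source port with `estab`, which covers replies to outbound telnet sessions but not a new connection arriving at local port 23.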