From owner-freebsd-questions@FreeBSD.ORG  Sat Aug 25 21:16:16 2007
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 8DBDE16A47F;
	Sat, 25 Aug 2007 21:16:16 +0000 (UTC)
	(envelope-from ngharibyan@arm.synisys.com)
Received: from arm.synisys.com (mx.arm.synisys.com [91.103.27.98])
	by mx1.freebsd.org (Postfix) with ESMTP id B8AAF13C458;
	Sat, 25 Aug 2007 21:16:09 +0000 (UTC)
	(envelope-from ngharibyan@arm.synisys.com)
Received: from sis2w001 by arm.synisys.com (MDaemon PRO v9.6.1)
	with ESMTP id md50000029080.msg; Sun, 26 Aug 2007 02:16:01 +0500
From: "Narek Gharibyan" <ngharibyan@arm.synisys.com>
To: <freebsd-questions@freebsd.org>
Date: Sun, 26 Aug 2007 02:15:58 +0500
Message-ID: <01d201c7e75d$21950ea0$180ca8c0@arm.synisys.com>
MIME-Version: 1.0
X-Mailer: Microsoft Office Outlook 11
thread-index: AcfnXSFINl4fwdHsQrWgy2Qdh6JXKQ==
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.3138
X-Spam-Processed: arm.synisys.com, Sun, 26 Aug 2007 02:16:01 +0500
	(not processed: message from valid local sender)
X-MDOP-RefID: str=0001.0A09020A.46D09C0F.0069,ss=1,fgs=0 (_st=1 _vt=0 _iwf=0)
X-Return-Path: ngharibyan@arm.synisys.com
X-Envelope-From: ngharibyan@arm.synisys.com
X-MDAV-Processed: arm.synisys.com, Sun, 26 Aug 2007 02:16:01 +0500
Content-Type: text/plain;
	charset="koi8-r"
Content-Transfer-Encoding: 7bit
X-Content-Filtered-By: Mailman/MimeDel 2.1.5
Cc: questions@freebsd.org
Subject: IPFW and HTTPS problem
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sat, 25 Aug 2007 21:16:16 -0000

I enabled https for my webmail. It works for LAN client but doesn't work for
Internet clients. I checked with tcpdump ipfw filters the incomping https
packets unless the rule

Ipfw add allow tcp from any to ${webmail} 443

Ipfw add allow tcp from ${webmail} 443 to any

 

Even I tried 

 

Ipfw add allow all from any to ${webmail}  keep-state

Ipfw add allow all from ${webmail} to any keep-state

 

Nothing helps.

 

Any comments? 

Are there any specific ipfw configurations related to https? 

 

Thank you in advance

Narek