Date: Sat, 25 Aug 2007 16:45:17 -0500 From: David Kelly <dkelly@HiWAAY.net> To: Narek Gharibyan <ngharibyan@arm.synisys.com> Cc: FreeBSD Questions <questions@freebsd.org> Subject: Re: IPFW and HTTPS problem Message-ID: <D1E2FEF7-CDB2-4A20-A8F7-384BCCB20B92@HiWAAY.net> In-Reply-To: <01d201c7e75d$21950ea0$180ca8c0@arm.synisys.com> References: <01d201c7e75d$21950ea0$180ca8c0@arm.synisys.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Aug 25, 2007, at 4:15 PM, Narek Gharibyan wrote: > I enabled https for my webmail. It works for LAN client but doesn't > work for > Internet clients. I checked with tcpdump ipfw filters the incomping > https > packets unless the rule tcpdump is the hard way. # ipfw zero try the webmail. # ipfw -a list Examine the above list for rules have been hit since zero. Your answer lies among the rules which have been hit. You might add "ipfw add 65000 deny log ip from any to any" and see what shows in /var/log/security for more details. If you see hits on a rule but don't understand why, add "log" to it. Probably best to duplicate that rule with a lower number so the "log" version is used first. And easy to remove the logging version later without touching the original. -- David Kelly N4HHE, dkelly@HiWAAY.net ======================================================================== Whom computers would destroy, they must first drive mad.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?D1E2FEF7-CDB2-4A20-A8F7-384BCCB20B92>