From owner-freebsd-security  Thu Apr 11  1:16:14 2002
Delivered-To: freebsd-security@freebsd.org
Received: from nippur.irb.hr (nippur.irb.hr [161.53.128.127])
	by hub.freebsd.org (Postfix) with ESMTP id DAE6537B404
	for <security@FreeBSD.ORG>; Thu, 11 Apr 2002 01:16:05 -0700 (PDT)
Received: from localhost (keeper@localhost)
	by nippur.irb.hr (8.9.3/8.9.3) with ESMTP id KAA22101
	for <security@FreeBSD.ORG>; Thu, 11 Apr 2002 10:15:44 +0200 (MET DST)
Date: Thu, 11 Apr 2002 10:15:44 +0200 (MET DST)
From: Mario Pranjic <mario.pranjic@irb.hr>
To: <security@FreeBSD.ORG>
Subject: ipfw configuration
Message-ID: <Pine.GSO.4.32.0204111012220.20726-100000@nippur.irb.hr>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-security.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-security>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-security>
X-Loop: FreeBSD.org

Hi!

I'm configuring my first firewall on FreeBSD 4.5 release.
The default rule is:
65535 deny ip from any to any

I need to allow icmp, ssh, http, ftp and some other services.
It's not a problem to allow such services, i.e:
00600 allow tcp from any to any 22 setup


But what do I need to allow in generally, i.e allow al outgoing ports
>1024.

Can anyone give me some hints?

Thanks!

Mario Pranjic, dipl.ing.
sistem administrator
Knjiznica, Institut Rudjer Boskovic
-------------------------------------
e-mail: mario.pranjic@irb.hr
ICQ: 72059629
tel: +385 1 45 60 954 (interni: 1293)
-------------------------------------



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message