From owner-freebsd-stable@FreeBSD.ORG  Wed May 16 15:31:47 2012
Return-Path: <owner-freebsd-stable@FreeBSD.ORG>
Delivered-To: freebsd-stable@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52])
	by hub.freebsd.org (Postfix) with ESMTP id D08B0106564A
	for <freebsd-stable@freebsd.org>; Wed, 16 May 2012 15:31:47 +0000 (UTC)
	(envelope-from olivier@gid0.org)
Received: from mail-lpp01m010-f54.google.com (mail-lpp01m010-f54.google.com
	[209.85.215.54])
	by mx1.freebsd.org (Postfix) with ESMTP id 4D0D98FC1D
	for <freebsd-stable@freebsd.org>; Wed, 16 May 2012 15:31:47 +0000 (UTC)
Received: by laai10 with SMTP id i10so846976laa.13
	for <freebsd-stable@freebsd.org>; Wed, 16 May 2012 08:31:46 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
	d=google.com; s=20120113;
	h=mime-version:in-reply-to:references:date:message-id:subject:from:to
	:cc:content-type:content-transfer-encoding:x-gm-message-state;
	bh=+oCEnwa5IZaLEjHnwTghUAeI7E3fYQ1TivcSsqXjLQk=;
	b=SQ3VKzkFkg6yv8NeOrVFOnohbJWYAjudF0CjlV1KigJnLNKfOYRp7R008Qk19MMj92
	xVzTWgf595/GfZKiMaEHP8M8DUlBzorZibVHFduPMPJGi/gDfO4DZFiqzbvDmdaga8iG
	N64hjRH5PmiP2LnHTJStyJsRlXDyve4HDU3P/oSdaBPa+igdvamo1SXJOavWvPttusAQ
	UGhLC7DQLqWLHrsO0uTf15EshKxdm4aomoF7BaDtHOJe6QeZgPNWG8inTsy1W6MMDNsj
	6/zs5UOgYZ+RjinzBphUUf627D6fah7jOHVuEXGRgvqkWPjV6q5HsM+I8JEPxLJ7jixz
	lWdA==
MIME-Version: 1.0
Received: by 10.152.106.9 with SMTP id gq9mr3457961lab.14.1337182305957; Wed,
	16 May 2012 08:31:45 -0700 (PDT)
Received: by 10.112.95.18 with HTTP; Wed, 16 May 2012 08:31:45 -0700 (PDT)
In-Reply-To: <4401af9c070d50d16493829cc39f6ba2.squirrel@mail.digital-infotech.net>
References: <4401af9c070d50d16493829cc39f6ba2.squirrel@mail.digital-infotech.net>
Date: Wed, 16 May 2012 17:31:45 +0200
Message-ID: <CABzXLYP8EdaLCkfvxw_GGdw0BgessbcieF2iE8nJhciu_4WTWw@mail.gmail.com>
From: Olivier Smedts <olivier@gid0.org>
To: prabhpal@digital-infotech.net
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable
X-Gm-Message-State: ALoCoQmUinh0L8v+jEvzuToEMsgVYVTsGARrNoFiRC4CARy9u9TvhL7+TxF9ph1OXv5APOmKRqxI
Cc: freebsd-stable@freebsd.org
Subject: Re: UDP Port Open - Shorewall
X-BeenThere: freebsd-stable@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Production branch of FreeBSD source code <freebsd-stable.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-stable>, 
	<mailto:freebsd-stable-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-stable>
List-Post: <mailto:freebsd-stable@freebsd.org>
List-Help: <mailto:freebsd-stable-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-stable>,
	<mailto:freebsd-stable-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 16 May 2012 15:31:47 -0000

2012/5/16 Shiv. NK <prabhpal@digital-infotech.net>:
> Dear List Members,
>
> i trust anyone of you would have experience with Shorewall Firewall. I
> have the following rule in rule file that is "/etc/shorewall/rules".
> Traffic is not passing through.
>
> ACCEPT =A0 =A0 =A0 =A0 =A0net =A0 =A0 loc:72.211.25.74 =A0 =A0 =A0 udp =
=A0123
>
> This rule is working alright. i have problem understanding why udp has
> problem
> ACCEPT =A0 =A0 =A0 =A0 =A0net =A0 =A0 loc:72.211.25.74 =A0 =A0 =A0 tcp =
=A025

I don't see this question as related to FreeBSD -STABLE.

But maybe you should explicitely accept udp packet returns. Your
firewall (which I don't know) surely keeps states of TCP connections
and implicitely accepts packets returns.

Cheers.

>
> Thanks / Regards
>
>
> _______________________________________________
> freebsd-stable@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-stable
> To unsubscribe, send any mail to "freebsd-stable-unsubscribe@freebsd.org"

--=20
Olivier Smedts=A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =
=A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0=A0 _
=A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0 =A0=
 =A0 ASCII ribbon campaign ( )
e-mail: olivier@gid0.org=A0 =A0 =A0 =A0 - against HTML email & vCards=A0 X
www: http://www.gid0.org=A0 =A0 - against proprietary attachments / \

=A0 "Il y a seulement 10 sortes de gens dans le monde :
=A0 ceux qui comprennent le binaire,
=A0 et ceux qui ne le comprennent pas."