From owner-freebsd-questions@FreeBSD.ORG Sun Nov 7 14:21:36 2004 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id AA31416A4CE for ; Sun, 7 Nov 2004 14:21:36 +0000 (GMT) Received: from mail3.bluewin.ch (mail3.bluewin.ch [195.186.1.75]) by mx1.FreeBSD.org (Postfix) with ESMTP id 24B2743D5D for ; Sun, 7 Nov 2004 14:21:36 +0000 (GMT) (envelope-from martin@saturn.pcs.ms) Received: from saturn.pcs.ms (81.62.24.201) by mail3.bluewin.ch (Bluewin AG 7.0.030.2) id 41862FF2000985D3; Sun, 7 Nov 2004 14:20:32 +0000 Received: from saturn.pcs.ms (localhost [127.0.0.1]) by saturn.pcs.ms (8.12.11/8.12.11) with ESMTP id iA7EMHqv095735; Sun, 7 Nov 2004 15:22:17 +0100 (CET) (envelope-from martin@saturn.pcs.ms) Received: (from martin@localhost) by saturn.pcs.ms (8.12.11/8.12.11/Submit) id iA7EMGqm095734; Sun, 7 Nov 2004 15:22:16 +0100 (CET) (envelope-from martin) Date: Sun, 7 Nov 2004 15:22:16 +0100 From: Martin Schweizer To: Ara Message-ID: <20041107142216.GY81757@saturn.pcs.ms> Mail-Followup-To: Ara , freebsd-questions@freebsd.org References: <20041107140217.1749C43D5A@mx1.FreeBSD.org> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="abYdCjSRCBwcb+dP" Content-Disposition: inline In-Reply-To: <20041107140217.1749C43D5A@mx1.FreeBSD.org> User-Agent: Mutt/1.4i Organization: PC-Service M. Schweizer GmbH, CH-8608 Bubikon, Switzerland X-PGP-Key: http://www.pc-service.ch/pgp/public_key.asc X-Fingerprint: EC21 CA4D 5C78 BC2D 73B7 10F9 C1AE 1691 D30F D239 X-Spam-Status: No, hits=-7.0 required=3.0 tests=IN_REP_TO,PGP_SIGNATURE_2,QUOTED_EMAIL_TEXT,REFERENCES, REPLY_WITH_QUOTES,USER_AGENT_MUTT version=2.55 X-Spam-Checker-Version: SpamAssassin 2.55 (1.174.2.19-2003-05-19-exp) cc: freebsd-questions@freebsd.org Subject: Re: FTP access with ipfw X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list Reply-To: Martin Schweizer List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 07 Nov 2004 14:21:36 -0000 --abYdCjSRCBwcb+dP Content-Type: text/plain; charset=iso-8859-1 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Hello=20 I had a long time to figure out the rules for ipfw (with and without nat, n= o=20 different for me). Attached I send you the part of rc.firewall that is for = ftp: ipfw -f flush ipfw add check-state [snip] # FTP ipfw add allow tcp from any to any 20 ipfw add allow tcp from any to any 21 ipfw add allow tcp from any to any 1024-65000 keep-state [snip ] Am Sun, Nov 07, 2004 at 09:02:10AM -0500 Ara schrieb: > This mail is probably spam. The original message has been attached > along with this report, so you can recognize or block similar unwanted > mail in future. See http://spamassassin.org/tag/ for more details. >=20 > Content preview: Hello Are you connecting directly to internet or via > nat? In that case you may have to enable passive mode on your ftp > client=20 >=20 > Content analysis details: (3.60 points, 3 required) > IN_REP_TO (-0.5 points) Has a In-Reply-To header > FORGED_MUA_OUTLOOK (3.5 points) Forged mail pretending to be from MS Out= look > MISSING_OUTLOOK_NAME (0.6 points) Message looks like Outlook, but isn't >=20 >=20 Content-Description: original message before SpamAssassin > From: "Ara" > To: > Date: Sun, 7 Nov 2004 09:02:10 -0500 > X-Mailer: Microsoft Office Outlook, Build 11.0.6353 > Subject: RE: FTP access with ipfw >=20 >=20 > Hello > Are you connecting directly to internet or via nat? In that case you may > have to enable passive mode on your ftp client >=20 > -----Original Message----- > From: owner-freebsd-questions@freebsd.org > [mailto:owner-freebsd-questions@freebsd.org] On Behalf Of Emil Khatib > Sent: November 7, 2004 8:54 AM > To: freebsd-questions@freebsd.org > Subject: FTP access with ipfw >=20 > Hi, I-m trying to secure my FreeBSD box using ipfw, but i can-t > configure FTP client to access the internet. I-ve googled aroun > everywhere but none of the solutions worked for me! I-m connected > using dialup and user ppp. > And another question, Would it be better if I used the firewall > included with PPP? > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.o= rg" >=20 >=20 >=20 > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.o= rg" --=20 Regards Gruss Mit freundlichen Gr=FCssen Martin Schweizer PC-Service M. Schweizer GmbH; Gewerbehaus Schwarz; CH-8608 Bubikon Tel. +41 55 243 30 00; Fax: +41 55 243 33 22; http://www.pc-service.ch; public key : http://www.pc-service.ch/pgp/public_key.asc;=20 fingerprint: EC21 CA4D 5C78 BC2D 73B7 10F9 C1AE 1691 D30F D239; --abYdCjSRCBwcb+dP Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.7 (FreeBSD) iD8DBQFBji+Ywa4WkdMP0jkRAqxnAKC/QaDPqnZS7yv2NcN0DS1XWPSRAACgpGbt FpgUfiD/EFV5WxDmXrp9h+0= =Vsc3 -----END PGP SIGNATURE----- --abYdCjSRCBwcb+dP--