From owner-freebsd-net Thu Jul 25 3:39: 2 2002 Delivered-To: freebsd-net@freebsd.org Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 6306737B400 for ; Thu, 25 Jul 2002 03:39:00 -0700 (PDT) Received: from daydreamer.dk (213.237.14.128.adsl.ho.worldonline.dk [213.237.14.128]) by mx1.FreeBSD.org (Postfix) with SMTP id 1F41243E67 for ; Thu, 25 Jul 2002 03:38:59 -0700 (PDT) (envelope-from mlists@daydreamer.dk) Received: (qmail 3945 invoked from network); 25 Jul 2002 10:38:24 -0000 Received: from unknown (HELO dpws) (192.168.1.3) by 192.168.1.25 with SMTP; 25 Jul 2002 10:38:24 -0000 Message-ID: <007f01c233c7$43aaa300$0301a8c0@dpws> From: "Dennis Pedersen" To: Subject: mpd & ipfw (keep denying port 1900/udp?!) Date: Thu, 25 Jul 2002 12:37:24 +0200 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 5.50.4807.1700 X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4910.0300 Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Hi, mpd was working fine for me until i wanted to use pptp to a box at home. I simply can get throug unless i flush my firewall rules. In the ipfw log i have the following entry (192.168.2.43 in the workstation on the inside of the fw i'm trying from and 2.88 in the internal interface in the fw) Jul 25 13:22:32 fw /kernel: ipfw: 900 Deny UDP 192.168.2.43:1067 192.168.2.88:1900 in via xl0 Jul 25 13:22:57 fw /kernel: ipfw: 900 Deny UDP 192.168.2.43:1067 192.168.2.88:1900 in via xl0 Jul 25 13:23:22 fw /kernel: ipfw: 900 Deny UDP 192.168.2.43:1067 192.168.2.88:1900 in via xl0 I don't get it, where does the UDP packet enter the picture? , in the fw rules i have allow gre from any to any and pptp from any to any (i have one rule that allows pptp port as src and one as dst). What am i missing here about the udp port? Is it always the same port ? (then i can simply just allow 1900/udp, but if i changes all the time that wont help me much..) Regards, Dennis To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message