Date: Thu, 7 Jun 2001 14:06:45 -0600 (CST)
From: Ryan Thompson <ryan@sasknow.com>
To: Nick Rogness <nick@rogness.net>
Cc: Josh Thomas <jdt2101@ksu.edu>, freebsd-questions@FreeBSD.ORG
Subject: Re: IPFW rules and outward connections
Message-ID: <Pine.BSF.4.21.0106071404080.67902-100000@ren.sasknow.com>
In-Reply-To: <Pine.BSF.4.21.0106071617590.10693-100000@cody.jharris.com>
Nick Rogness wrote to Ryan Thompson:
> On Thu, 7 Jun 2001, Ryan Thompson wrote:
> 
> > Josh Thomas wrote to freebsd-questions@FreeBSD.ORG:
> > 
> > > I am looking to set up a firewall to be closed to all incoming
> > > connections except for 20-22 (for ftp and ssh), and to allow all
> > > outward connections.  However, I'm having trouble specifically keeping
> > > the dynamically assigned ports above 1024 for normal usage open.
> > > ie, http from other machines, ftp from other machines.
> > 
> [snip]
> > 
> > # OR, only allow connections to remote ports 1024-9999
> > ipfw 1000 allow ip from ${network} to any 1024-9999
> 		  ^^
> 		You need to be protocol specific, eg tcp,udp
> 	in order to specify ports or port ranges...unless that has
> 	changed.
Yes, thanks, you're right. Typing without thinking again. ;-)
- Ryan
-- 
  Ryan Thompson <ryan@sasknow.com>
  Network Administrator, Accounts
  SaskNow Technologies - http://www.sasknow.com
  #106-380 3120 8th St E - Saskatoon, SK - S7H 0W2
        Tel: 306-664-3600   Fax: 306-664-1161   Saskatoon
  Toll-Free: 877-727-5669     (877-SASKNOW)     North America
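
Added example (not part of the thread): a small sh lint for the point Nick raises above, that a port or port range in an ipfw rule needs a tcp or udp protocol. The function names, the numeric-ports-only parsing and every sample rule except the one quoted from the thread are assumptions made for illustration.

```sh
#!/bin/sh
# Added example: flag ipfw rules that give ports with a protocol other than
# tcp/udp. Assumes numeric port specs and one rule per line.

# True when the token looks like a port, list or range: 22  20-22  80,443
is_portspec() {
    case $1 in
        *[!0-9,-]*) return 1 ;;
        *[0-9]*)    return 0 ;;
        *)          return 1 ;;
    esac
}

# check_rule RULE: returns 0 = ok, 1 = ports without tcp/udp, 2 = no "from"
check_rule() {
    cr_proto='' cr_prev='' cr_ports='' cr_state=head
    set -f; set -- $1; set +f        # split the rule into words, no globbing
    for cr_tok in "$@"; do
        case $cr_state in
            head)    if [ "$cr_tok" = from ]; then
                         cr_proto=$cr_prev cr_state=srcaddr  # proto precedes "from"
                     fi ;;
            srcaddr) cr_state=srcport ;;                     # skip source address
            srcport) if [ "$cr_tok" = to ]; then cr_state=dstaddr
                     elif is_portspec "$cr_tok"; then cr_ports="$cr_ports $cr_tok"
                     fi ;;
            dstaddr) cr_state=dstport ;;                     # skip destination address
            dstport) if is_portspec "$cr_tok"; then cr_ports="$cr_ports $cr_tok"; fi
                     cr_state=done ;;
        esac
        cr_prev=$cr_tok
    done
    [ "$cr_state" != head ] || return 2
    [ -n "$cr_ports" ] || return 0
    case $cr_proto in tcp|udp) return 0 ;; esac
    printf 'ports%s used with protocol "%s"; use tcp or udp\n' "$cr_ports" "$cr_proto"
    return 1
}

# Constructed sample rules; the first is the rule quoted in the thread.
while IFS= read -r rule; do
    check_rule "$rule" || true
done <<'EOF'
ipfw 1000 allow ip from ${network} to any 1024-9999
ipfw add 1000 allow tcp from ${network} to any 1024-9999
ipfw add 1100 allow udp from any 53 to any
EOF
```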
