Date: Sat, 23 May 1998 17:55:18 -0500 From: "J.A. Terranson" <sysadmin@mfn.org> To: "'Capriotti'" <capriotti@geocities.com>, "freebsd-questions@FreeBSD.ORG" <freebsd-questions@FreeBSD.ORG> Subject: RE: IPFW and pop3/irc - loooong wait Message-ID: <01BD8673.F38A73A0@w3svcs.mfn.org>
next in thread | raw e-mail | index | archive | help
> Your problem is that you are blocking IDENT requests. If you dont mind servicing these (they are very low risk services) simply allow port 113 (tcp) to function. BTW: I just found out that 113 is being widely used for some other services too: like smtp reverse lookups. We allow 113 subject to some pretty tight rules, if you like, I can send you a copy of our rulesets. J.A. Terranson sysadmin@mfn.org The following rule: # Reject&Log all setup of incoming connections from the outside $fwcmd add 300 deny log tcp from any to any in via ${oif} setup is causing pop3 (when sending msgs) and IRC (when connecting; port 6667) take too long to connect I get messages like this on the console: ipfw: 300 Deny tcp 209.104.220.13:4737 200.246.0.15:113 in via tun0 is it expected ? (I don't see why... My TCP/IP skills are not that good) In case it is, is there any workaround for this delay ? To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?01BD8673.F38A73A0>