Date: Sat, 23 May 1998 17:55:18 -0500 From: "J.A. Terranson" <sysadmin@mfn.org> To: "'Capriotti'" <capriotti@geocities.com>, "freebsd-questions@FreeBSD.ORG" <freebsd-questions@FreeBSD.ORG> Subject: RE: IPFW and pop3/irc - loooong wait Message-ID: <01BD8673.F38A73A0@w3svcs.mfn.org>
next in thread | raw e-mail | index | archive | help
> Your problem is that you are blocking IDENT requests. If you dont mind
servicing these (they are very low risk services) simply allow port 113 (tcp)
to function.
BTW: I just found out that 113 is being widely used for some other services
too: like smtp reverse lookups.
We allow 113 subject to some pretty tight rules, if you like, I can send you a
copy of our rulesets.
J.A. Terranson
sysadmin@mfn.org
The following rule:
# Reject&Log all setup of incoming connections from the outside
$fwcmd add 300 deny log tcp from any to any in via ${oif} setup
is causing pop3 (when sending msgs) and IRC (when connecting; port 6667)
take too long to connect
I get messages like this on the console:
ipfw: 300 Deny tcp 209.104.220.13:4737 200.246.0.15:113 in via tun0
is it expected ? (I don't see why... My TCP/IP skills are not that good)
In case it is, is there any workaround for this delay ?
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?01BD8673.F38A73A0>