From owner-freebsd-questions Tue Jan 2 1:23: 6 2001 From owner-freebsd-questions@FreeBSD.ORG Tue Jan 2 01:23:04 2001 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from studict.student.utwente.nl (studict.student.utwente.nl [130.89.220.2]) by hub.freebsd.org (Postfix) with ESMTP id 3259337B400 for ; Tue, 2 Jan 2001 01:23:03 -0800 (PST) Received: from rhosgobel (kabel203069.kabel.utwente.nl [130.89.203.69]) by studict.student.utwente.nl (8.9.3/MQT) with ESMTP id KAA22769; Tue, 2 Jan 2001 10:22:57 +0100 (MET) From: "Rogier Steehouder" To: "Tommy Forrest - KE4PYM" Date: Tue, 2 Jan 2001 10:22:55 +0100 MIME-Version: 1.0 Content-type: text/plain; charset=US-ASCII Content-transfer-encoding: 7BIT Subject: Re: [FBSD-Q] Writing firewall rules Reply-To: r.j.steehouder@student.utwente.nl Cc: FreeBSD-questions@freebsd.org Message-ID: <3A51ABFF.12803.B9B10@localhost> Priority: normal In-reply-to: <200101012133.PAA09574@mailbox.mcs.net> X-mailer: Pegasus Mail for Win32 (v3.12c) Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On 1 Jan 2001, at 16:36, Tommy Forrest - KE4PYM wrote: > Hi folks. > > I'm a little confused about writing firewall rules. Many of my rules > are as follows > > ipfw add 1001 deny tcp from any to any 161 > > So I tried to do a little writing of my own. Specfically, I want to > deny outside access (xl0) to port 901. So I tried: > > ipfw add 1099 deny tcp from xl0 to xl0 901 > > And it failed. Just got a screen full of ipfw fussing at my that I'd > done the wront thing (tm). > > So how would I write a rule that would block outside access to a port > while still allowing inside clients (xl1) access?? > try: # deny 901 access from outside ipfw add 1099 deny tcp from any to any 901 in via xl0 or maybe better: # allow 901 access from inside ipfw add 1099 allow tcp from any to any in via xl1 Have a look at the man page of ipfw. > Also, why would the OS (4.0) report that a user has mail when, in > real life, they start pine and find they have no mail? For example, > as root, I get my daily output logs in my mail box. But when I > delete them, log out and log back in I'm told I have mail, start pine > and there is no mail. > Pine leaves one message in your mailbox containing information on things like the read/unread status of messages (or something like that). To get rid of the now wrong messages of new mail, look at the man page of your shell (in bash, which I use, there are some shell variables that control these messages). With kind regards, Rogier Steehouder __ _ -O_\ Rogier Steehouder // | / mailto:r.j.steehouder@student.utwente.nl //\ / \ http://home.student.utwente.nl/r.j.steehouder/ // \ <--------------------- 25m ------------------------> To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message