From owner-freebsd-security  Fri Jun 22 11:46:12 2001
Delivered-To: freebsd-security@freebsd.org
Received: from db.nexgen.com (db.nexgen.com [64.81.208.78])
	by hub.freebsd.org (Postfix) with SMTP id F054F37B403
	for <freebsd-security@freebsd.org>; Fri, 22 Jun 2001 11:46:08 -0700 (PDT)
	(envelope-from ml@db.nexgen.com)
Received: (qmail 95629 invoked from network); 22 Jun 2001 18:46:44 -0000
Received: from localhost.nexgen.com (HELO book) (root@127.0.0.1)
  by localhost.nexgen.com with SMTP; 22 Jun 2001 18:46:44 -0000
Message-ID: <003a01c0fb4b$a165dba0$9865fea9@book>
From: "alexus" <ml@db.nexgen.com>
To: <freebsd-security@freebsd.org>,
	"Michael Richards" <michael@fastmail.ca>
References: <3B338EFB.000039.73802@frodo.searchcanada.ca>
Subject: Re: Letting scp through a firewall using ipfilter
Date: Fri, 22 Jun 2001 14:46:21 -0400
MIME-Version: 1.0
Content-Type: text/plain;
	charset="Windows-1252"
Content-Transfer-Encoding: 7bit
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 5.50.4522.1200
X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4522.1200
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-security.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo?subject=subscribe%20freebsd-security>
List-Unsubscribe: <mailto:majordomo?subject=unsubscribe%20freebsd-security>
X-Loop: FreeBSD.org

yyou don't need to do anything scp works through port 22 

----- Original Message ----- 
From: "Michael Richards" <michael@fastmail.ca>
To: <freebsd-security@freebsd.org>
Sent: Friday, June 22, 2001 2:31 PM
Subject: Letting scp through a firewall using ipfilter


> I'm trying to get my firewall to allow scp through. It currently 
> allows ssh in, but it appears that scp creates an outgoing connection 
> from the remote machine back to the originating machine. Anyone know 
> how to solve this problem?
> 
> The firewall spits out:
> 22/06/2001 14:22:12.543474 xl1 @0:21 b 24.1.2.3,22 -> 216.1.2.3,1007 
> PR tcp len 20 10240 -AR IN
> 
> When I try to:
> scp user@24.1.2.3:/usr/home/user/filename filename
> 
> I'm using ipfilter.
> 
> thanks
> -Michael
> _________________________________________________________________
>      http://fastmail.ca/ - Fast Free Web Email for Canadians


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message