From owner-freebsd-questions@FreeBSD.ORG Fri May 12 21:51:32 2006 Return-Path: X-Original-To: freebsd-questions@freebsd.org Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id AC4F716BC11 for ; Fri, 12 May 2006 21:51:32 +0000 (UTC) (envelope-from goodman@mac.hush.com) Received: from smtp3.hushmail.com (smtp3.hushmail.com [65.39.178.135]) by mx1.FreeBSD.org (Postfix) with ESMTP id 5C05043D45 for ; Fri, 12 May 2006 21:51:32 +0000 (GMT) (envelope-from goodman@mac.hush.com) Received: from smtp3.hushmail.com (localhost.hushmail.com [127.0.0.1]) by smtp3.hushmail.com (Postfix) with SMTP id 4068CA332D for ; Fri, 12 May 2006 14:51:30 -0700 (PDT) Received: from mailserver5.hushmail.com (mailserver5.hushmail.com [65.39.178.19]) by smtp3.hushmail.com (Postfix) with ESMTP; Fri, 12 May 2006 14:51:28 -0700 (PDT) Received: by mailserver5.hushmail.com (Postfix, from userid 65534) id 7343633C2C; Fri, 12 May 2006 14:51:28 -0700 (PDT) Date: Sat, 13 May 2006 01:51:27 +0400 To: From: "Bob Goodman" Content-type: text/plain; charset="UTF-8" Message-Id: <20060512215128.7343633C2C@mailserver5.hushmail.com> Cc: Terry Stoner Subject: RE: Access from the internet X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: goodman@mac.hush.com List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 12 May 2006 21:51:43 -0000 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 >Hi my name is Terry Stoner. I just set up a new Firewall, FreeBSD 6.0, and >am having trouble connecting from the internet. Basically I want to ssh >from work. I set sshd_config to listen on all interfaces and on port 21, >this port is not blocked outbound from work. I have ipfilter rules allowing >inbound on this port and interface. I setup port forwarding on my netgear >router. When I do a tcpdump I see myself hitting the interface of my >firewall, but sshd is not responding. I get to my box, but no dice. Do you >have any suggestions? I would appreciate it. > >Thank you, > >Terry Stoner > Are you certain that you allow both inbound traffic to your port 21 and outbound traffic from your port 21? Something with "keep state" in the ipfilters ruleset? Bob Goodman -----BEGIN PGP SIGNATURE----- Note: This signature can be verified at https://www.hushtools.com/verify Version: Hush 2.5 wkYEARECAAYFAkRlA08ACgkQAQ09syE0bn45mQCeIcOn0hmTCdKRIEprgN543vJYb80A nig4TZ0WCEqQzJf6tAyiC4O0sTm+ =u018 -----END PGP SIGNATURE----- Concerned about your privacy? Instantly send FREE secure email, no account required http://www.hushmail.com/send?l=480 Get the best prices on SSL certificates from Hushmail https://www.hushssl.com?l=485