From owner-freebsd-questions@FreeBSD.ORG Sat May 13 02:30:39 2006 Return-Path: X-Original-To: freebsd-questions@freebsd.org Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 7CB2716A401 for ; Sat, 13 May 2006 02:30:39 +0000 (UTC) (envelope-from stonerte@gmail.com) Received: from nf-out-0910.google.com (nf-out-0910.google.com [64.233.182.184]) by mx1.FreeBSD.org (Postfix) with ESMTP id C472143D49 for ; Sat, 13 May 2006 02:30:38 +0000 (GMT) (envelope-from stonerte@gmail.com) Received: by nf-out-0910.google.com with SMTP id o25so111446nfa for ; Fri, 12 May 2006 19:30:37 -0700 (PDT) DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:references; b=AowwgiApk+HZVsOjNT9NgwT9GfYtjh3sAKe/5CZ0vGWXlPNm6HkSGGcF7Us5W5LUafGnDX4JeoUaJ/YKr21Ovk8OF4WTjbFwwLslyPvNfaSwJt8cvfzkMWL1062tGhKDNSJWOv8wV1YcAkUWOqaHxxGqoRtufEFqZNqbog5C1so= Received: by 10.48.242.16 with SMTP id p16mr460493nfh; Fri, 12 May 2006 19:30:37 -0700 (PDT) Received: by 10.49.69.1 with HTTP; Fri, 12 May 2006 19:30:37 -0700 (PDT) Message-ID: <8bd19c4f0605121930r29dcc461l8ca551a6d1079bb8@mail.gmail.com> Date: Fri, 12 May 2006 19:30:37 -0700 From: "Terry Stoner" To: goodman@mac.hush.com In-Reply-To: <20060512215128.7343633C2C@mailserver5.hushmail.com> MIME-Version: 1.0 References: <20060512215128.7343633C2C@mailserver5.hushmail.com> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: quoted-printable Content-Disposition: inline X-Content-Filtered-By: Mailman/MimeDel 2.1.5 Cc: freebsd-questions@freebsd.org Subject: Re: Access from the internet X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 13 May 2006 02:30:39 -0000 Bob - I am keeping state with the port 21 rule. I am perplexed because everythin= g works fine on the local LAN. On 5/12/06, Bob Goodman wrote: > > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > >Hi my name is Terry Stoner. I just set up a new Firewall, FreeBSD > 6.0, and > >am having trouble connecting from the internet. Basically I want > to ssh > >from work. I set sshd_config to listen on all interfaces and on > port 21, > >this port is not blocked outbound from work. I have ipfilter > rules allowing > >inbound on this port and interface. I setup port forwarding on my > netgear > >router. When I do a tcpdump I see myself hitting the interface of > my > >firewall, but sshd is not responding. I get to my box, but no > dice. Do you > >have any suggestions? I would appreciate it. > > > >Thank you, > > > >Terry Stoner > > > > Are you certain that you allow both inbound traffic to your port 21 > and outbound traffic from your port 21? Something with "keep state" > in the ipfilters ruleset? > > Bob Goodman > -----BEGIN PGP SIGNATURE----- > Note: This signature can be verified at https://www.hushtools.com/verify > Version: Hush 2.5 > > wkYEARECAAYFAkRlA08ACgkQAQ09syE0bn45mQCeIcOn0hmTCdKRIEprgN543vJYb80A > nig4TZ0WCEqQzJf6tAyiC4O0sTm+ > =3Du018 > -----END PGP SIGNATURE----- > > > > > Concerned about your privacy? Instantly send FREE secure email, no accoun= t > required > http://www.hushmail.com/send?l=3D480 > > Get the best prices on SSL certificates from Hushmail > https://www.hushssl.com?l=3D485 > >