Date: Wed, 6 Dec 2000 22:05:07 -0700 (MST) From: "David G. Andersen" <dga@pobox.com> To: root@battery.yi.org (Brad Mace) Cc: freebsd-security@FreeBSD.ORG Subject: Re: mrtg through firewall Message-ID: <200012070505.WAA03558@faith.cs.utah.edu> In-Reply-To: <Pine.BSF.4.10.10012062251320.47173-100000@battery.yi.org> from "Brad Mace" at Dec 06, 2000 10:53:18 PM
next in thread | previous in thread | raw e-mail | index | archive | help
Not really. You're going to basically have to allow UDP from the snmp
port back to any of your high UDP ports, but you can at least limit it to
that. You'll still be able to block most of the reserved UDP ports.
Similar problems exist with many DNS resolvers, so it likely won't be a
big change for your firewall rules.
-Dave
Lo and behold, Brad Mace once said:
>
> I've been trying to setup my firewall rules to allow mrtg to run. It
> seems to use different udp ports each time. Is there a way i can allow it
> without allowing all udp packets?
>
>
>
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-security" in the body of the message
>
--
work: dga@lcs.mit.edu me: dga@pobox.com
MIT Laboratory for Computer Science http://www.angio.net/
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200012070505.WAA03558>