Site Navigation

Date:      Fri, 4 Mar 2005 01:21:11 +0530
From:      "Subhro" <subhro.kar@gmail.com>
To:        "'Paul Schmehl'" <pauls@utdallas.edu>, "'FreeBSD questions'" <freebsd-questions@freebsd.org>
Subject:   RE: ipfw lost its mind?
Message-ID:  <42276ab8.5a7f85a2.4c2a.3e73@smtp.gmail.com>
In-Reply-To: <E879B29E7D463AD4CA8D4543@utd49554.utdallas.edu>

---

index | next in thread | previous in thread | raw e-mail

---

[-- Attachment #1 --]
Do you block UDP?
I am asking this because, I *used* do a block on all UDP except the DNS port
and had exactly the same problem.

Regards
S.

Indian Institute of Information Technology
Subhro Sankha Kar
Block AQ-13/1, Sector V
Salt Lake City
PIN 700091
India
> -----Original Message-----
> From: owner-freebsd-questions@freebsd.org [mailto:owner-freebsd-
> questions@freebsd.org] On Behalf Of Paul Schmehl
> Sent: Friday, March 04, 2005 1:09
> To: FreeBSD questions
> Subject: Re: ipfw lost its mind?
> 
> --On Thursday, March 03, 2005 01:48:16 PM -0500 Chuck Swiger
> <cswiger@mac.com> wrote:
> >
> > TCP connections are bidirectional, therefore you need to add rules which
> > allow traffic from all back to your workstation, or else use keep-state
> > and check-state to use dynamic rules....
> 
> The firewall script already had a rule for that:
> allow ip from {server} to any
> 
> The problem wasn't that the firewall was *stopping* legitimate packets.
> It
> was just *slowing them down* like crazy.  Very weird.
> 
> Paul Schmehl (pauls@utdallas.edu)
> Adjunct Information Security Officer
> The University of Texas at Dallas
> AVIEN Founding Member
> http://www.utdallas.edu
> _______________________________________________
> freebsd-questions@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to "freebsd-questions-
> unsubscribe@freebsd.org"

[-- Attachment #2 --]
0�	*�H��

��0�

10	+0�	*�H��


��	�0�=0�
�ͺV���T�"��r�U0
	*�H��


0_10	UUS10U
VeriSign, Inc.1705U.Class 1 Public Primary Certification Authority0
960129000000Z
280801235959Z0_10	UUS10U
VeriSign, Inc.1705U.Class 1 Public Primary Certification Authority0��0
	*�H��



��0������m�Va-�Hq�g޹�뷞��
��8%�F���s���$]
�en��V�����sߴX9kn��ը�?��1��4׏4g�	��NEVix���G�)�6�c\���-�{��2�{0�*/1��g��

0
	*�H��


��L?���h��C3]���Mz3���6�ؕ"6hl|B��.�?�O���v��J�͠�
��)�"]��݁#�{%F0y��K�����@<�_S�H䆴{�5�{%��ӎ�?8�4���q�0�f0�Ϡ

�O��[�uj�)��0
	*�H��


0_10	UUS10U
VeriSign, Inc.1705U.Class 1 Public Primary Certification Authority0
980512000000Z
080512235959Z0��10U
VeriSign, Inc.10UVeriSign Trust Network1F0DU=www.verisign.com/repository/RPA Incorp. By Ref.,LIAB.LTD(c)981H0FU?VeriSign Class 1 CA Individual Subscriber-Persona Not Validated0��0
	*�H��



��0�����ZD��U�z�-�Ox6�
J�o�T���w*���h���1Apz�K�HV-��B�����D\�B���/��;���'
]��6B3�nT�O�J��������ƚ�j$����e���~���7j�J�	�

���0��0	`�H
��B


05U.0,0*�(�&�$http://crl.verisign.com/pca1.1.1.crl0GU @0>0<`�H
��E


0-0++

www.verisign.com/repository/RPA0U0

�
0U
0
	*�H��


��B|ߌyL���MU/P���^N.^�2�y�eJR�ը1!���l�����4x		�B�Z��ъު"���!��e�3�� �3�
�>��5�d���$[��h��|7��d
�Ž3�3�>�>��s�0�20���
:�N��4�fr۝�4��0
	*�H��


0��10U
VeriSign, Inc.10UVeriSign Trust Network1F0DU=www.verisign.com/repository/RPA Incorp. By Ref.,LIAB.LTD(c)981H0FU?VeriSign Class 1 CA Individual Subscriber-Persona Not Validated0
041111000000Z
050718235959Z0�
10U
VeriSign, Inc.10UVeriSign Trust Network1F0DU=www.verisign.com/repository/RPA Incorp. by Ref.,LIAB.LTD(c)9810UPersona Not Validated1402U+Digital ID Class 1 - Microsoft Full Service10U
Subhro Kar1#0!	*�H��

	
subhro.kar@gmail.com0��0
	*�H��



��0������������)���F���p�[������"��
��,9U�ڵ�8�7�(v�0r����1C.��\4��V���P@h���!��"������r(
�����	�⎅?���
-"����2K

���0��0	U00DU =0;09`�H
��E
0*0(+

https://www.verisign.com/rpa0U�0U%0+
+
0
`�H
��E
None03U,0*0(�&�$�"http://crl.verisign.com/class1.crl0
	*�H��


��]�5�羧���n�-A$Ny�i�I�k�{}Y�(�DK�����THE��@��&mZK�#T����E��W���O��.bqƼ���sE	$r�a�E���s��h��{���O�s�{[=zz�_,v߈Q��Ԋ>1�>0�:

0��0��10U
VeriSign, Inc.10UVeriSign Trust Network1F0DU=www.verisign.com/repository/RPA Incorp. By Ref.,LIAB.LTD(c)981H0FU?VeriSign Class 1 CA Individual Subscriber-Persona Not Validated:�N��4�fr۝�4��0	+���0	*�H��

	1	*�H��


0	*�H��

	1
050303195110Z0#	*�H��

	1)���D������|�kC1��0g	*�H��

	1Z0X0
*�H��
0*�H��
�0
*�H��

@0+0
*�H��

(0+0
*�H��
0��	+

�71��0��0��10U
VeriSign, Inc.10UVeriSign Trust Network1F0DU=www.verisign.com/repository/RPA Incorp. By Ref.,LIAB.LTD(c)981H0FU?VeriSign Class 1 CA Individual Subscriber-Persona Not Validated:�N��4�fr۝�4��0��*�H��

	1�䠁�0��10U
VeriSign, Inc.10UVeriSign Trust Network1F0DU=www.verisign.com/repository/RPA Incorp. By Ref.,LIAB.LTD(c)981H0FU?VeriSign Class 1 CA Individual Subscriber-Persona Not Validated:�N��4�fr۝�4��0
	*�H��



��
	%h�7[�֯
t��������}����CS�E�#�DE_�"/B5iyl=����me&����m~��^�Z��0��xl�fx�N����)����gx-���-���g\��)��	4E@I8��ڄ)[

help

---

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?42276ab8.5a7f85a2.4c2a.3e73>

Legal Notices | © 1995-2025 The FreeBSD Project. All rights reserved.

Contact