From owner-freebsd-security Thu Nov 30 4: 5:44 2000
Delivered-To: freebsd-security@freebsd.org
Received: from expert.com.br (soure.expert.com.br [200.242.253.1])
	by hub.freebsd.org (Postfix) with SMTP id 0A7F837B401
	for ; Thu, 30 Nov 2000 04:05:38 -0800 (PST)
Received: (qmail 4255 invoked from network); 30 Nov 2000 12:03:56 -0000
Received: from unknown (HELO nirvana) (200.242.253.60)
	by soure.expert.com.br with SMTP; 30 Nov 2000 12:03:56 -0000
Message-ID: <017801c05ac5$cafd02d0$3cfdf2c8@nirvana>
From: "Roberto Samarone Araujo (RSA)"
To:
Subject: FreeBSD Firewall - Help please
Date: Thu, 30 Nov 2000 09:05:12 -0300
MIME-Version: 1.0
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 5.00.3018.1300
X-MimeOLE: Produced By Microsoft MimeOLE V5.00.3018.1300
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

Hi,

I've set up a FreeBSD 4.1.1 firewall that denies everything by default. I opened some ports that I need, but I'm having some problems with these services: DNS, FTP, POP3 and SMTP. I put these rules in order to open these services, but it doesn't work.

Please help me.

## Allow TCP through if setup succeeded
$fw add pass tcp from any to any stablished

## Allow DNS queries out in the world
$fw add pass udp from any 53 to $ip
$fw add pass udp from $ip to any

## Allow DNS access to my DNS
$fw add pass tcp from any to $ip 53 setup

## Allow setup of incoming email
$fw add pass tcp from any to $ip 25 setup

## Allow POP3
$fw add pass tcp from any to $ip 106 via $if setup

## Allow FTP from local network
$fw add pass tcp from $net:$mask to $ip 20 setup
$fw add pass tcp from $net:$mask to $ip 21 setup
$fw add pass udp from $net:$mask to $ip 20
$fw add pass udp from $net:$mask to $ip 21

# Deny everything
$fw add 65534 deny log all from any to any

Thanks for help

Roberto Samarone Araujo

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
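
A lint pass over the rules quoted in the message, as an added example that is not part of the original post: it flags option words outside the set it knows and compares the ports passed to $ip with the ports DNS, SMTP, POP3 and FTP use. The lint function, its option list and its service table are assumptions of this sketch, and the rule parser covers only the rule shapes seen in the message.

```python
import re
# Rules as posted in the message above, shell variables left unexpanded.
POSTED = """\
add pass tcp from any to any stablished
add pass udp from any 53 to $ip
add pass udp from $ip to any
add pass tcp from any to $ip 53 setup
add pass tcp from any to $ip 25 setup
add pass tcp from any to $ip 106 via $if setup
add pass tcp from $net:$mask to $ip 20 setup
add pass tcp from $net:$mask to $ip 21 setup
add pass udp from $net:$mask to $ip 20
add pass udp from $net:$mask to $ip 21
add 65534 deny log all from any to any
"""
# Option words this sketch accepts; a subset of what ipfw understands.
OPTIONS = {"setup", "established", "in", "out"}
# Ports the named services use: (proto, port) -> (name, must be open inbound).
SERVICES = {("udp", 53): ("DNS", True), ("tcp", 53): ("DNS", True),
            ("tcp", 25): ("SMTP", True), ("tcp", 110): ("POP3", True),
            ("tcp", 21): ("FTP control", True), ("tcp", 20): ("FTP data", False)}
RULE = re.compile(r"add (?:\d+ )?(?P<action>\w+) (?:log )?(?P<proto>\w+) "
                  r"from \S+(?: \d+)? to (?P<dst>\S+)(?: (?P<dport>\d+))?(?P<opts>.*)")

def lint(rules, host="$ip"):
    """Return (rule_number, message) findings; rule_number 0 is ruleset-wide."""
    findings, opened = [], set()
    for n, line in enumerate(rules.strip().splitlines(), 1):
        m = RULE.fullmatch(line.strip())
        if not m:
            findings.append((n, "rule not understood by this sketch"))
            continue
        # "via <interface>" takes an argument, so drop the pair before checking.
        for opt in re.sub(r"\bvia \S+", "", m["opts"]).split():
            if opt not in OPTIONS:
                findings.append((n, f"unrecognised option '{opt}'"))
        if m["action"] == "pass" and m["dst"] == host and m["dport"]:
            key = (m["proto"], int(m["dport"]))
            opened.add(key)
            if key not in SERVICES:
                findings.append((n, f"{key[0]}/{key[1]} is not used by DNS, SMTP, POP3 or FTP"))
    for key, (name, required) in SERVICES.items():
        if required and key not in opened:
            findings.append((0, f"{name}: no rule passes {key[0]}/{key[1]} to {host}"))
    return findings

if __name__ == "__main__":
    for n, msg in lint(POSTED):
        print(f"rule {n or '-'}: {msg}")
```

Rule numbers in the output count the posted rules from top to bottom, not ipfw rule numbers.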