Date: Mon, 10 Jan 2005 00:20:20 GMT From: Giorgos Keramidas <keramida@ceid.upatras.gr> To: freebsd-bugs@FreeBSD.org Subject: Re: kern/75601: ipfilter not allowing SSH to box on FreeBSD 5.3 Message-ID: <200501100020.j0A0KKtH081093@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
The following reply was made to PR kern/75601; it has been noted by GNATS. From: Giorgos Keramidas <keramida@ceid.upatras.gr> To: Nick Hale <nhale@charter.net> Cc: bug-followup@freebsd.org Subject: Re: kern/75601: ipfilter not allowing SSH to box on FreeBSD 5.3 Date: Mon, 10 Jan 2005 02:15:04 +0200 On 2005-01-10 00:10, Nick Hale <nhale@charter.net> wrote: > Correct. It should be that way. Pass in packets from this host to > any ip locally and pass out packets from any ip locally to this host > is technically what those rules say. I've been using that setup now > since the boxes were running 5.0 without change and it's always > worked up until now. The fact that it worked until 5.0 is probably a happenstance. It's not correct. The correct filter rules are (as of 5.2.1-RELEASE IIRC): pass in any packet destined to a local ip address pass out any packet originating from a local ip address
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200501100020.j0A0KKtH081093>