From: Greg Oshiro
Subject: newbie IP address:port question
Date: Sat, 30 Mar 2002 16:40:00
To: FreeBSD-questions@freebsd.org
Message-Id: <20020331004031.8EDAE37B405@hub.freebsd.org>

Folks--

I'm attempting to write a firewall ruleset and I don't understand some basic IP concepts so here goes...

1. Please suggest a good www resource for learning more of basic IP concepts. I'd really like a packet-by-packet sequence for the DNS, HTTP, HTTPS, FTP, NTP, SSH, POP3, and SMTP services.

2. If I don't use NAT on my FreeBSD box, will DNS queries always be UDP from my port 53 to the DNS server's port 53? Will the response from the DNS server always be TCP from the server's port 53 to my port 53?

3. "man firewall" has some discussion of "local-size binding" and "temporary port binding range". Does this mean that I need to leave some high-numbered ports open in order to use DNS, HTTP, HTTPS, FTP, NTP, SSH, POP3, and SMTP?

I am attempting to define the narrowest opening through the firewall for each of the services I want to use. I'm using FreeBSD 4.4-RELEASE, connection via fixed IP on a cable modem.

All helpful responses are redeemable for beer at my local billiard hall in Camarillo, CA USA.

Thanx,
Greg Oshiro
goshiro@compuserve.com