Date: Mon, 18 Apr 2005 11:54:14 +0100
From: "Vince" <jhary@unsane.co.uk>
To: "'Steven Bjørken Vang'" <mujahid@ra.home.faeldryn.org>, <questions@freebsd.org>
Subject: RE: pf ruleset for imap
Message-ID: <200504181053.j3IArfnQ066589@unsane.co.uk>
In-Reply-To: <20050418102528.GA37148@ra.home.faeldryn.org>

Do you use straight imap or imaps? I put both in but
imap is 143
Imaps is 993

#IMAP and IMAPS
pass in on $ext_if inet proto tcp \
    from any to ($ext_if) port { 143, 993 } flags S/SA keep state

Add it with the rest of your incoming rules.

> -----Original Message-----
> From: owner-freebsd-questions@freebsd.org
> [mailto:owner-freebsd-questions@freebsd.org] On Behalf Of
> Steven Bjørken Vang
> Sent: 18 April 2005 11:25
> To: questions@freebsd.org
> Subject: pf ruleset for imap
>
>
> hello.
>
> just installed pf, everything is looking good.
> except my imap is blocked. what do i need to add, where?
>
> ##### FreeBSD [i386]
> ##### my.hostname.com
> ##### City, Country
>
> # pfctl -F a ; pfctl -Nf /etc/pf.conf ; pfctl -sr
>
> int_if="ep0"
> ext_if="lnc0"
>
> # *** Options
> #
> set block-policy drop
>
> # *** Scrub incoming packets
> #
> scrub in all
>
> # *** NAT
> #
> nat on $ext_if from $int_if:network to any -> ($ext_if)
> rdr on $int_if proto tcp from any to any \
>     port 21 -> 127.0.0.1 port 8021
>
> # *** Default deny policy
> #
> block drop log all
>
> # *** Pass loopback traffic
> #
> pass quick on lo0 all
>
> # *** Outgoing
> #
> #
> pass out on $ext_if inet proto tcp \
>     from any to any flags S/SA keep state
> pass out on $ext_if inet proto { udp, icmp } \
>     from ($ext_if) to any keep state
>
> # *** Bootstrap
> #
> pass out on $ext_if inet proto udp \
>     from any port 68 to any port 67 keep state
>
> # *** DNS and NTP
> #
> pass out on $ext_if inet proto udp \
>     from ($ext_if) to any port { 53, 123 } keep state
>
> # *** SSH and HTTP
> #
> pass in on $ext_if inet proto tcp \
>     from any to ($ext_if) port { 22, 80 } flags S/SA keep state
>
> # *** Active FTP
> #
> pass in on $ext_if inet proto tcp \
>     from port 20 to ($ext_if) user proxy flags S/SA keep state
>
> I guess that's it.
> Thanks all,
>
> -- Steven
>
> _______________________________________________
> freebsd-questions@freebsd.org mailing list
> http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> To unsubscribe, send any mail to
> "freebsd-questions-unsubscribe@freebsd.org"
>

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200504181053.j3IArfnQ066589>
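
Why the rule in the reply belongs with the other incoming rules, after "block drop log all": pf lets the last matching rule decide unless a matching rule is marked "quick". The following is an added example, not part of the original messages and not pf code; it is a simplified Python model (the Rule class and evaluate function are hypothetical, and flags, state and source addresses are ignored) run over the inbound rules of the posted ruleset.

```python
# Simplified model of pf filter-rule evaluation (added example, not pf itself).
# pf checks every rule in file order; the LAST matching rule decides,
# unless a matching rule is marked "quick", which stops evaluation there.
from dataclasses import dataclass

@dataclass(frozen=True)
class Rule:
    action: str                      # "pass" or "block"
    direction: str = ""              # "in", "out", or "" for both
    iface: str = ""                  # "" matches any interface
    proto: str = ""                  # "" matches any protocol
    dports: frozenset = frozenset()  # empty set matches any destination port
    quick: bool = False

    def matches(self, direction, iface, proto, dport):
        return ((not self.direction or self.direction == direction)
                and (not self.iface or self.iface == iface)
                and (not self.proto or self.proto == proto)
                and (not self.dports or dport in self.dports))

def evaluate(rules, direction, iface, proto, dport):
    """Return the deciding action; with no matching rule pf passes the packet."""
    verdict = "pass"
    for rule in rules:
        if rule.matches(direction, iface, proto, dport):
            verdict = rule.action
            if rule.quick:
                break
    return verdict

EXT_IF = "lnc0"  # ext_if from the posted pf.conf

# Inbound-relevant filter rules from the posted ruleset, in file order.
POSTED = [
    Rule("block"),                                           # block drop log all
    Rule("pass", iface="lo0", quick=True),                   # pass quick on lo0 all
    Rule("pass", "in", EXT_IF, "tcp", frozenset({22, 80})),  # SSH and HTTP
]
# The rule from the reply, added after the existing incoming rules.
IMAP_RULE = Rule("pass", "in", EXT_IF, "tcp", frozenset({143, 993}))
FIXED = POSTED + [IMAP_RULE]
# Same rule placed ABOVE the default-deny line: the later block wins.
MISPLACED = [IMAP_RULE] + POSTED

if __name__ == "__main__":
    for name, rules in (("posted", POSTED), ("fixed", FIXED), ("misplaced", MISPLACED)):
        print(name, evaluate(rules, "in", EXT_IF, "tcp", 143))
```
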