Date: Sun, 14 May 2006 15:09:38 -0400 From: "Terry Stoner" <stonerte@gmail.com> To: goodman@mac.hush.com Cc: freebsd-questions@freebsd.org Subject: Re: Access from the internet Message-ID: <8bd19c4f0605141209s9af8741h888191f8b42363cb@mail.gmail.com> In-Reply-To: <20060513141218.6F024DA820@mailserver8.hushmail.com> References: <20060513141218.6F024DA820@mailserver8.hushmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Hey guys - I got it to work. I enabled udp inbound on port 21 and it worked. Thanks for all your suggestions. Terry Stoner On 5/13/06, Bob Goodman <goodman@mac.hush.com> wrote: > > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > > > On Sat, 13 May 2006 06:30:37 +0400 Terry Stoner > <stonerte@gmail.com> wrote: > >Bob - > > > >I am keeping state with the port 21 rule. I am perplexed because > >everything > >works fine on the local LAN. > > > >On 5/12/06, Bob Goodman <goodman@mac.hush.com> wrote: > >> > >> -----BEGIN PGP SIGNED MESSAGE----- > >> Hash: SHA1 > >> > >> >Hi my name is Terry Stoner. I just set up a new Firewall, > >FreeBSD > >> 6.0, and > >> >am having trouble connecting from the internet. Basically I > >want > >> to ssh > >> >from work. I set sshd_config to listen on all interfaces and > >on > >> port 21, > >> >this port is not blocked outbound from work. I have ipfilter > >> rules allowing > >> >inbound on this port and interface. I setup port forwarding on > >my > >> netgear > >> >router. When I do a tcpdump I see myself hitting the interface > >of > >> my > >> >firewall, but sshd is not responding. I get to my box, but no > >> dice. Do you > >> >have any suggestions? I would appreciate it. > >> > > >> >Thank you, > >> > > >> >Terry Stoner > >> > > >> > >> Are you certain that you allow both inbound traffic to your port > >21 > >> and outbound traffic from your port 21? Something with "keep > >state" > >> in the ipfilters ruleset? > >> > >> Bob Goodman > >> -----BEGIN PGP SIGNATURE----- > >> Note: This signature can be verified at > >https://www.hushtools.com/verify > >> Version: Hush 2.5 > >> > >> > >wkYEARECAAYFAkRlA08ACgkQAQ09syE0bn45mQCeIcOn0hmTCdKRIEprgN543vJYb80 > >A > >> nig4TZ0WCEqQzJf6tAyiC4O0sTm+ > >> =3Du018 > >> -----END PGP SIGNATURE----- > > Could you for example stop your sshd, start "openssl s_server" > listening on that interface port 21 and connect with "openssl > s_client" from the internet? And what is happening with ipf > disabled? > -----BEGIN PGP SIGNATURE----- > Note: This signature can be verified at https://www.hushtools.com/verify > Version: Hush 2.5 > > wkYEARECAAYFAkRl6TIACgkQAQ09syE0bn4K7ACgkxcdMBl6S+BaqJmsGRdZoKvHp5sA > nje118bNTFMvK/Jj8g0uNeZXHK+e > =3DPA1P > -----END PGP SIGNATURE----- > > > > > Concerned about your privacy? Instantly send FREE secure email, no accoun= t > required > http://www.hushmail.com/send?l=3D480 > > Get the best prices on SSL certificates from Hushmail > https://www.hushssl.com?l=3D485 > >
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?8bd19c4f0605141209s9af8741h888191f8b42363cb>