Date: Mon, 12 Aug 2002 13:26:39 +0200
From: Roman Neuhauser <neuhauser@bellavista.cz>
To: freebsd-questions <freebsd-questions@freebsd.org>
Subject: ipfilter / ssl problem
Message-ID: <20020812112639.GQ389@freepuppy.bellavista.cz>
Hi there,

what do I need to get ssl traffic through my firewall?

# ipfstat -ion | grep -E '(433|@22)'
@10 pass out quick on de0 proto tcp from 1.2.3.4/32 to any port = 433 keep state
@22 block in log from any to any

and this is a https request as logged by ipmon:

Aug 12 13:15:52 freepuppy ipmon[56]: 13:15:51.886159 de0 @0:32 p 188.50.50.10,4221 -> 194.228.112.54,443 PR tcp len 20 60 -S OUT
Aug 12 13:15:52 freepuppy ipmon[56]: 13:15:52.224982 de0 @0:22 b 194.228.112.54,443 -> 188.50.50.10,4221 PR tcp len 20 44 -AS IN
Aug 12 13:15:55 freepuppy ipmon[56]: 13:15:54.885148 de0 @0:32 p 188.50.50.10,4221 -> 194.228.112.54,443 PR tcp len 20 60 -S OUT
Aug 12 13:15:55 freepuppy ipmon[56]: 13:15:55.103066 de0 @0:22 b 194.228.112.54,443 -> 188.50.50.10,4221 PR tcp len 20 40 -A IN
Aug 12 13:15:58 freepuppy ipmon[56]: 13:15:57.884221 de0 @0:32 p 188.50.50.10,4221 -> 194.228.112.54,443 PR tcp len 20 60 -S OUT
Aug 12 13:15:58 freepuppy ipmon[56]: 13:15:58.144083 de0 @0:22 b 194.228.112.54,443 -> 188.50.50.10,4221 PR tcp len 20 40 -A IN
Aug 12 13:16:00 freepuppy ipmon[56]: 13:16:00.883294 de0 @0:32 p 188.50.50.10,4221 -> 194.228.112.54,443 PR tcp len 20 44 -S OUT
Aug 12 13:16:01 freepuppy ipmon[56]: 13:16:01.193474 de0 @0:22 b 194.228.112.54,443 -> 188.50.50.10,4221 PR tcp len 20 40 -A IN
Aug 12 13:16:03 freepuppy ipmon[56]: 13:16:03.882385 de0 @0:32 p 188.50.50.10,4221 -> 194.228.112.54,443 PR tcp len 20 44 -S OUT
Aug 12 13:16:04 freepuppy ipmon[56]: 13:16:04.415064 de0 @0:22 b 194.228.112.54,443 -> 188.50.50.10,4221 PR tcp len 20 40 -A IN
Aug 12 13:16:06 freepuppy ipmon[56]: 13:16:06.881445 de0 @0:32 p 188.50.50.10,4221 -> 194.228.112.54,443 PR tcp len 20 44 -S OUT
Aug 12 13:16:07 freepuppy ipmon[56]: 13:16:07.423899 de0 @0:22 b 194.228.112.54,443 -> 188.50.50.10,4221 PR tcp len 20 40 -A IN
Aug 12 13:16:12 freepuppy ipmon[56]: 13:16:12.879588 de0 @0:32 p 188.50.50.10,4221 -> 194.228.112.54,443 PR tcp len 20 44 -S OUT
Aug 12 13:16:13 freepuppy ipmon[56]: 13:16:13.125515 de0 @0:22 b 194.228.112.54,443 -> 188.50.50.10,4221 PR tcp len 20 40 -A IN
Aug 12 13:16:24 freepuppy ipmon[56]: 13:16:24.875878 de0 @0:32 p 188.50.50.10,4221 -> 194.228.112.54,443 PR tcp len 20 44 -S OUT
Aug 12 13:16:25 freepuppy ipmon[56]: 13:16:25.048327 de0 @0:22 b 194.228.112.54,443 -> 188.50.50.10,4221 PR tcp len 20 40 -A IN

I'm quite green wrt firewalls, so excuse me if I do anything stupid.

-- 
FreeBSD 4.6-STABLE
1:21PM up 3 days, 1:16, 11 users, load averages: 0.01, 0.03, 0.00
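Added example, not part of the original message: a short Python script that reads ipmon lines in the format logged above and reports flows whose outbound packets were passed while the replies were blocked, with the rule number ipmon recorded for each direction. The first four sample lines are copied from the log above; the 192.0.2.10 flow and its rule number are constructed, and the function name is an assumption.

```python
import re
from collections import defaultdict

# Fields as they appear in the ipmon lines above: @group:rule, action, endpoints, flags, direction.
LINE = re.compile(
    r"@(?P<rule>-?\d+:-?\d+) (?P<act>\S+) "
    r"(?P<src>[\d.]+),(?P<sport>\d+) -> (?P<dst>[\d.]+),(?P<dport>\d+) "
    r"PR \S+ len \d+ \d+ -(?P<flags>\S+) (?P<dir>IN|OUT)\s*$"
)

# First four lines: from the message. Last two: constructed, a flow passed both ways.
SAMPLE = """\
Aug 12 13:15:52 freepuppy ipmon[56]: 13:15:51.886159 de0 @0:32 p 188.50.50.10,4221 -> 194.228.112.54,443 PR tcp len 20 60 -S OUT
Aug 12 13:15:52 freepuppy ipmon[56]: 13:15:52.224982 de0 @0:22 b 194.228.112.54,443 -> 188.50.50.10,4221 PR tcp len 20 44 -AS IN
Aug 12 13:15:55 freepuppy ipmon[56]: 13:15:54.885148 de0 @0:32 p 188.50.50.10,4221 -> 194.228.112.54,443 PR tcp len 20 60 -S OUT
Aug 12 13:15:55 freepuppy ipmon[56]: 13:15:55.103066 de0 @0:22 b 194.228.112.54,443 -> 188.50.50.10,4221 PR tcp len 20 40 -A IN
Aug 12 13:20:01 freepuppy ipmon[56]: 13:20:01.000001 de0 @0:5 p 192.0.2.10,4300 -> 198.51.100.7,25 PR tcp len 20 60 -S OUT
Aug 12 13:20:01 freepuppy ipmon[56]: 13:20:01.200001 de0 @0:5 p 198.51.100.7,25 -> 192.0.2.10,4300 PR tcp len 20 44 -AS IN
"""

def one_way_flows(log_text):
    """Flows whose outbound packets were passed but whose replies were blocked."""
    passed_out = defaultdict(set)   # flow -> rules that passed outbound packets
    blocked_in = defaultdict(list)  # flow -> (rule, TCP flags) of blocked replies
    for line in log_text.splitlines():
        m = LINE.search(line)
        if m is None:
            continue  # not an ipmon packet line
        rec = m.groupdict()
        a, b = (rec["src"], int(rec["sport"])), (rec["dst"], int(rec["dport"]))
        if rec["dir"] == "OUT" and rec["act"] == "p":
            passed_out[a + b].add(rec["rule"])
        elif rec["dir"] == "IN" and rec["act"] == "b":
            # Reverse the endpoints so a reply is filed under the flow it answers.
            blocked_in[b + a].append((rec["rule"], rec["flags"]))
    return [
        {"flow": flow,
         "passed_out_by": sorted(passed_out[flow]),
         "blocked_in_by": sorted({rule for rule, _ in blocked_in[flow]}),
         "blocked_replies": len(blocked_in[flow]),
         "synack_blocked": any(fl == "AS" for _, fl in blocked_in[flow])}
        for flow in sorted(passed_out.keys() & blocked_in.keys())
    ]

if __name__ == "__main__":
    for row in one_way_flows(SAMPLE):
        print(row)
```

The rule numbers in the report can be compared against the numbered listing from `ipfstat -ion` to see which rule handled each direction and whether that rule carries `keep state`.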