Date: Tue, 25 Aug 2009 06:30:17 -0700 (PDT) From: Colin Brace <cb@lim.nl> To: freebsd-questions@freebsd.org Subject: Re: what www perl script is running? Message-ID: <25134277.post@talk.nabble.com> In-Reply-To: <20090825082604.41cad357.wmoran@potentialtech.com> References: <4A924601.3000507@lim.nl> <200908240807.n7O87o3U092052@banyan.cs.ait.ac.th> <200908241026.55693.j.mckeown@ru.ac.za> <25130058.post@talk.nabble.com> <20090825091937.GA53416@cheddar.urgle.com> <25131646.post@talk.nabble.com> <200908251027.n7PARZBt009994@banyan.cs.ait.ac.th> <25132123.post@talk.nabble.com> <20090825082604.41cad357.wmoran@potentialtech.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Bill, one more thing: Bill Moran wrote: > > You can add an ipfw rule to prevent the script from calling home, which > will effectively render it neutered until you can track down and actually > _fix_ the problem. Mike Bristow above wrote: "The script is talking to 94.102.51.57 on port 7000". OK, so I how do I know what port the script is using for outgoing traffic on MY box? 7000 is the remote host port, right? FWIW, here are my core PF lines: pass out quick on $ext_if proto 41 pass out quick on gif0 inet6 pass in quick on gif0 inet6 proto icmp6 block in log That is to say: nothing is allowed in unless explicitly allowed Everything allowed out. (plus some ipv6 stuff I was testing with a tunnel) Merci ----- Colin Brace Amsterdam http://lim.nl -- View this message in context: http://www.nabble.com/what-www-perl-script-is-running--tp25112050p25134277.html Sent from the freebsd-questions mailing list archive at Nabble.com.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?25134277.post>