Skip site navigation (1)Skip section navigation (2) 
Date:      Sun, 2 Sep 2001 19:44:13 +0200
From:      Martin Schweizer <pcservice.schweizer@spectraweb.ch>
To:        freebsd-stable@freebsd.org
Subject:   IPFirewall again
Message-ID:  <20010902194412.A279@pc-service.ch>
next in thread | raw e-mail | index | archive | help 
Hello

If I use the following rules and I can connect via ftp (for example 
ftp.freebsd.org) but after the successful login I can't do "ls". The 
permissons are always denied. Why? Which port need I also?

# DNS (läuft nur über UDP)
ipfw add allow udp from me to any 53 keep-state
# SMTP
ipfw add allow tcp from me to any 25 keep-state
ipfw add allow udp from me to any 25 keep-state
# POP3
ipfw add allow tcp from me to any 110 keep-state
ipfw add allow udp from me to any 110 keep-state
# HTTP
ipfw add allow tcp from me to any 80 keep-state
ipfw add allow udp from me to any 80 keep-state
# FTP
ipfw add allow tcp from any to any 20 keep-state
ipfw add allow udp from any to any 20 keep-state
# FTP 2.
ipfw add allow tcp from any to any 21 keep-state
ipfw add allow udp from any to any 21 keep-state
# SSH
ipfw add allow tcp from me to any 22 keep-state
ipfw add allow udp from me to any 22 keep-state
# Telnet
ipfw add allow tcp from me to any 23 keep-state
ipfw add allow udp from me to any 23 keep-state
# Ping / TraceRoute
ipfw add allow icmp from me to any
# Whois
ipfw add allow tcp from me to any 63 keep-state
ipfw add allow udp from me to any 63 keep-state
# Gopher
ipfw add allow tcp from me to any 70 keep-state
ipfw add allow udp from me to any 70 keep-state
# Finger
ipfw add allow tcp from me to any 79 keep-state
ipfw add allow udp from me to any 79 keep-state
# NNTP
ipfw add allow tcp from me to any 119 keep-state
ipfw add allow udp from me to any 119 keep-state
# NTP
ipfw add allow tcp from me to any 123 keep-state
ipfw add allow udp from me to any 123 keep-state

-- 
Regards,

Martin Schweizer
<info@pc-service.ch>

PC-Service M. Schweizer; Gewerbehaus Schwarz; CH-8608 Bubikon
Tel. +41 55 243 30 00; Fax: +41 55 243 33 22; http://www.pc-service.ch

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-stable" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010902194412.A279>