From owner-freebsd-stable  Sun Sep  2 12:43:18 2001
Delivered-To: freebsd-stable@freebsd.org
Received: from picard.skynet.be (picard.skynet.be [195.238.3.131])
	by hub.freebsd.org (Postfix) with ESMTP id 8752237B408
	for <freebsd-stable@freebsd.org>; Sun,  2 Sep 2001 12:43:12 -0700 (PDT)
Received: from venus (adsl-35140.turboline.skynet.be [217.136.9.68])
	by picard.skynet.be (8.11.6/8.11.6/Skynet-OUT-2.12) with ESMTP id f82Jh7F28447
	for <freebsd-stable@freebsd.org>; Sun, 2 Sep 2001 21:43:07 +0200 (MET DST)
	(envelope-from <sven.huster@mailsurf.com>)
From: "Sven Huster" <sven.huster@mailsurf.com>
To: <freebsd-stable@freebsd.org>
Subject: RE: IPFirewall again
Date: Sun, 2 Sep 2001 21:45:49 +0200
Message-ID: <NGEPJANEPIDHMDLBLKMDCEHCBCAB.sven.huster@mailsurf.com>
MIME-Version: 1.0
Content-Type: text/plain;
	charset="iso-8859-1"
Content-Transfer-Encoding: 8bit
X-Priority: 3 (Normal)
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2911.0)
X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4522.1200
In-Reply-To: <20010902194412.A279@pc-service.ch>
Importance: Normal
Sender: owner-freebsd-stable@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-stable.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-stable>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-stable>
X-Loop: FreeBSD.ORG

try

ftp ftp.host.domain
ftp> passive

should switch passive on or off not sure now.
does it work then?

Sven Huster


> -----Original Message-----
> From: owner-freebsd-stable@FreeBSD.ORG
> [mailto:owner-freebsd-stable@FreeBSD.ORG]On Behalf Of Martin Schweizer
> Sent: 02 September, 2001 19:44
> To: freebsd-stable@freebsd.org
> Subject: IPFirewall again
>
>
> Hello
>
> If I use the following rules and I can connect via ftp (for example
> ftp.freebsd.org) but after the successful login I can't do "ls". The
> permissons are always denied. Why? Which port need I also?
>
> # DNS (läuft nur über UDP)
> ipfw add allow udp from me to any 53 keep-state
> # SMTP
> ipfw add allow tcp from me to any 25 keep-state
> ipfw add allow udp from me to any 25 keep-state
> # POP3
> ipfw add allow tcp from me to any 110 keep-state
> ipfw add allow udp from me to any 110 keep-state
> # HTTP
> ipfw add allow tcp from me to any 80 keep-state
> ipfw add allow udp from me to any 80 keep-state
> # FTP
> ipfw add allow tcp from any to any 20 keep-state
> ipfw add allow udp from any to any 20 keep-state
> # FTP 2.
> ipfw add allow tcp from any to any 21 keep-state
> ipfw add allow udp from any to any 21 keep-state
> # SSH
> ipfw add allow tcp from me to any 22 keep-state
> ipfw add allow udp from me to any 22 keep-state
> # Telnet
> ipfw add allow tcp from me to any 23 keep-state
> ipfw add allow udp from me to any 23 keep-state
> # Ping / TraceRoute
> ipfw add allow icmp from me to any
> # Whois
> ipfw add allow tcp from me to any 63 keep-state
> ipfw add allow udp from me to any 63 keep-state
> # Gopher
> ipfw add allow tcp from me to any 70 keep-state
> ipfw add allow udp from me to any 70 keep-state
> # Finger
> ipfw add allow tcp from me to any 79 keep-state
> ipfw add allow udp from me to any 79 keep-state
> # NNTP
> ipfw add allow tcp from me to any 119 keep-state
> ipfw add allow udp from me to any 119 keep-state
> # NTP
> ipfw add allow tcp from me to any 123 keep-state
> ipfw add allow udp from me to any 123 keep-state
>
> --
> Regards,
>
> Martin Schweizer
> <info@pc-service.ch>
>
> PC-Service M. Schweizer; Gewerbehaus Schwarz; CH-8608 Bubikon
> Tel. +41 55 243 30 00; Fax: +41 55 243 33 22; http://www.pc-service.ch
>
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-stable" in the body of the message
>


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-stable" in the body of the message