Date: Sun, 2 Sep 2001 21:45:49 +0200 From: "Sven Huster" <sven.huster@mailsurf.com> To: <freebsd-stable@freebsd.org> Subject: RE: IPFirewall again Message-ID: <NGEPJANEPIDHMDLBLKMDCEHCBCAB.sven.huster@mailsurf.com> In-Reply-To: <20010902194412.A279@pc-service.ch>
next in thread | previous in thread | raw e-mail | index | archive | help
try ftp ftp.host.domain ftp> passive should switch passive on or off not sure now. does it work then? Sven Huster > -----Original Message----- > From: owner-freebsd-stable@FreeBSD.ORG > [mailto:owner-freebsd-stable@FreeBSD.ORG]On Behalf Of Martin Schweizer > Sent: 02 September, 2001 19:44 > To: freebsd-stable@freebsd.org > Subject: IPFirewall again > > > Hello > > If I use the following rules and I can connect via ftp (for example > ftp.freebsd.org) but after the successful login I can't do "ls". The > permissons are always denied. Why? Which port need I also? > > # DNS (läuft nur über UDP) > ipfw add allow udp from me to any 53 keep-state > # SMTP > ipfw add allow tcp from me to any 25 keep-state > ipfw add allow udp from me to any 25 keep-state > # POP3 > ipfw add allow tcp from me to any 110 keep-state > ipfw add allow udp from me to any 110 keep-state > # HTTP > ipfw add allow tcp from me to any 80 keep-state > ipfw add allow udp from me to any 80 keep-state > # FTP > ipfw add allow tcp from any to any 20 keep-state > ipfw add allow udp from any to any 20 keep-state > # FTP 2. > ipfw add allow tcp from any to any 21 keep-state > ipfw add allow udp from any to any 21 keep-state > # SSH > ipfw add allow tcp from me to any 22 keep-state > ipfw add allow udp from me to any 22 keep-state > # Telnet > ipfw add allow tcp from me to any 23 keep-state > ipfw add allow udp from me to any 23 keep-state > # Ping / TraceRoute > ipfw add allow icmp from me to any > # Whois > ipfw add allow tcp from me to any 63 keep-state > ipfw add allow udp from me to any 63 keep-state > # Gopher > ipfw add allow tcp from me to any 70 keep-state > ipfw add allow udp from me to any 70 keep-state > # Finger > ipfw add allow tcp from me to any 79 keep-state > ipfw add allow udp from me to any 79 keep-state > # NNTP > ipfw add allow tcp from me to any 119 keep-state > ipfw add allow udp from me to any 119 keep-state > # NTP > ipfw add allow tcp from me to any 123 keep-state > ipfw add allow udp from me to any 123 keep-state > > -- > Regards, > > Martin Schweizer > <info@pc-service.ch> > > PC-Service M. Schweizer; Gewerbehaus Schwarz; CH-8608 Bubikon > Tel. +41 55 243 30 00; Fax: +41 55 243 33 22; http://www.pc-service.ch > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-stable" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?NGEPJANEPIDHMDLBLKMDCEHCBCAB.sven.huster>