From owner-freebsd-net Sun Dec 19 8:37:58 1999 Delivered-To: freebsd-net@freebsd.org Received: from netcom.com (netcom2.netcom.com [199.183.9.102]) by hub.freebsd.org (Postfix) with ESMTP id 20CEF150C5 for ; Sun, 19 Dec 1999 08:37:56 -0800 (PST) (envelope-from stanb@netcom.com) Received: (from stanb@localhost) by netcom.com (8.9.3/8.9.3) id IAA26258 for freebsd-net@FreeBSD.ORG; Sun, 19 Dec 1999 08:37:55 -0800 (PST) From: Stan Brown Message-Id: <199912191637.IAA26258@netcom.com> Subject: Puzzling ipfw rejections To: freebsd-net@FreeBSD.ORG (FreeBSD Networking) Date: Sun, 19 Dec 1999 11:37:54 -0500 (EST) X-Mailer: ELM [version 2.4 PL25] MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: owner-freebsd-net@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Could some kind soul explain the following to me? Dec 18 11:57:19 koala /kernel: ipfw: 2300 Deny TCP 208.140.99.1:4622 24.6.61.166:113 in via ed1 Dec 18 11:57:40 koala last message repeated 3 times Dec 18 11:58:29 koala /kernel: ipfw: 2300 Deny TCP 208.140.99.1:4658 24.6.61.166:113 in via ed1 Dec 18 11:58:50 koala last message repeated 3 times Dec 18 12:09:12 koala ntpdate[914]: adjust time server 192.5.41.41 offset -0.136201 Dec 18 12:09:34 koala /kernel: ipfw: 1600 Deny TCP 199.183.9.112:3904 24.6.61.166:23 in via ed1 Dec 18 12:09:51 koala last message repeated 2 times Dec 18 12:10:11 koala /kernel: ipfw: 1600 Deny TCP 199.183.9.112:1022 24.6.61.166:22 in via ed1 Dec 18 12:10:29 koala last message repeated 2 times Dec 18 12:13:16 koala /kernel: ipfw: 1400 Deny TCP 199.183.9.112:1022 24.6.61.166:22 in via ed1 Dec 18 12:13:57 koala last message repeated 3 times Dec 18 12:14:37 koala last message repeated 2 times Dec 18 12:35:58 koala /kernel: ipfw: 1500 Deny TCP 199.183.9.112:4087 24.6.61.166:21 in via ed1 Dec 18 12:36:16 koala last message repeated 2 times Dec 18 12:36:40 koala /kernel: ipfw: 1500 Deny TCP 199.183.9.112:4087 24.6.61.166:21 in via ed1 Dec 18 12:39:22 koala ftpd[1082]: FTP LOGIN FAILED FROM netcom12.netcom.com, stan Dec 18 12:40:13 koala ntpdate[1091]: adjust time server 128.115.14.97 offset -0.109061 The machine in question is a new gateway machine that I am seting up *3.3 STABLE) using ipfw and natd. I _believe that the rejections are related to a script that I run that makes backups of my accounts on local machines. In this case the machines are netcom.com, and awod.com Thsi script tars up the contents, and then ftps's it back to a machine behind the firewall (kodiak). But I don't understand the port numbers that I am seeing here. can anyone give me a clue? -- Stan Brown stanb@netcom.com 404-996-6955 Factory Automation Systems Atlanta Ga. -- Look, look, see Windows 95. Buy, lemmings, buy! Pay no attention to that cliff ahead... Henry Spencer (c) 1998 Stan Brown. Redistribution via the Microsoft Network is prohibited. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-net" in the body of the message