Date: Wed, 26 Nov 2008 14:09:04 +0000
From: RW
To: freebsd-questions@freebsd.org
Subject: Re: firewall rules for bitlord, yahoo, limewire
Message-ID: <20081126140904.72ec3400@gumby.homeunix.com>
In-Reply-To: <492D51CB.9000201@a1poweruser.com>

On Wed, 26 Nov 2008 21:40:27 +0800 Fbsd1 wrote:

> I have an inclusive firewall rule set which means only packets matching
> the rules are passed through. The inbound high port numbers are
> blocked by design.
>
> How do other firewall users code rules to allow limewire to work?

I don't use limewire, but for other p2p I define pf macros that list the udp and tcp ports and explicitly allow incoming connections. If you want to know what ports an application is listening on try sockstat -l. I wouldn't expose them without tracking down what they do though in case they are http, telnet, etc.
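
Added example, not part of the original message: a Python sketch of the workflow described in the reply, turning `sockstat -l` output into pf macros and pass rules while holding back ports that should be inspected first. The sockstat sample is constructed, and the command name `p2pclient`, the macro prefix `p2p`, the `$ext_if` macro and the REVIEW_FIRST port set are assumptions.

```python
import re

# Constructed sample of FreeBSD `sockstat -l` output (not from the original message).
SAMPLE = """\
USER     COMMAND    PID   FD PROTO  LOCAL ADDRESS         FOREIGN ADDRESS
rw       p2pclient  1423  12 tcp4   *:6881                *:*
rw       p2pclient  1423  13 udp4   *:6881                *:*
rw       p2pclient  1423  14 udp4   *:4444                *:*
rw       p2pclient  1423  15 tcp4   *:8080                *:*
rw       p2pclient  1423  16 tcp4   127.0.0.1:9091        *:*
rw       p2pclient  1423  17 stream /tmp/p2p.sock
root     sshd       812   3  tcp4   *:22                  *:*
"""

# Assumption: ports that commonly carry telnet or http are held back for manual
# inspection. The number is only a hint; it does not prove what the service is.
REVIEW_FIRST = {23, 80, 443, 8000, 8080, 8443}

def listening_ports(sockstat_text, command):
    """Return (ports to allow per protocol, sorted (proto, port) pairs to review)."""
    allow, review = {"tcp": set(), "udp": set()}, set()
    for line in sockstat_text.splitlines()[1:]:      # skip the header row
        f = line.split()
        if len(f) < 6 or f[1] != command:
            continue
        m = re.match(r"(tcp|udp)[46]*$", f[4])
        if not m:
            continue                                  # unix-domain sockets
        addr, _, port = f[5].rpartition(":")
        if addr in ("127.0.0.1", "::1") or not port.isdigit():
            continue                                  # loopback-only or wildcard port
        if int(port) < 1024 or int(port) in REVIEW_FIRST:
            review.add((m.group(1), int(port)))
        else:
            allow[m.group(1)].add(int(port))
    return allow, sorted(review)

def pf_rules(allow, name="p2p"):
    """Emit pf macros and pass rules; $ext_if is assumed to be defined elsewhere."""
    macros, rules = [], []
    for proto in ("tcp", "udp"):
        if allow[proto]:
            ports = ", ".join(str(p) for p in sorted(allow[proto]))
            macros.append(f'{name}_{proto} = "{{ {ports} }}"')
            rules.append(f"pass in on $ext_if proto {proto} from any "
                         f"to any port ${name}_{proto} keep state")
    return macros + rules

if __name__ == "__main__":
    allow, review = listening_ports(SAMPLE, "p2pclient")
    print("\n".join(pf_rules(allow)))
    print("review before exposing:", review)
```

On a live system the text would come from running `sockstat -l` itself; ports in the review list get no rule until the listening service has been identified.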