From owner-freebsd-questions@FreeBSD.ORG Wed Apr 4 12:24:43 2007 Return-Path: X-Original-To: freebsd-questions@freebsd.org Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 20A9116A401 for ; Wed, 4 Apr 2007 12:24:43 +0000 (UTC) (envelope-from victor.engmark@gmail.com) Received: from ug-out-1314.google.com (ug-out-1314.google.com [66.249.92.168]) by mx1.freebsd.org (Postfix) with ESMTP id F065713C459 for ; Wed, 4 Apr 2007 12:24:41 +0000 (UTC) (envelope-from victor.engmark@gmail.com) Received: by ug-out-1314.google.com with SMTP id 71so671230ugh for ; Wed, 04 Apr 2007 05:24:40 -0700 (PDT) DKIM-Signature: a=rsa-sha1; c=relaxed/relaxed; d=gmail.com; s=beta; h=domainkey-signature:received:received:message-id:date:from:to:subject:mime-version:content-type; b=e6saeZHgfMJyMbD31Kt21mqwX+Wpi+YPzhl3L6Glm/YnjV58s/cB3vtx2zBgt3Sm3JoBskDhlXDfAC3dbnbk8eQTsXZizgU/90u2k5298s8pOygMrRhMY2ullShF/U4IUAtz1WU9rLJFFOBWgZdFrk8DeYTAr3Wf84c7K3kcT+c= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=beta; h=received:message-id:date:from:to:subject:mime-version:content-type; b=Lq7Z2TysGS5f8i4DLRzKcbZITEodAvBtQfKDrRSn67nMpSNxvVyDwo/YuhX9s3GdPDIEkTCJCb+KAufzOcRxLeS57eQ1RkjaTPAaEtXJrMnLWncCk9wuLEVA/WICR4qkgPRsoGhV8VtfMVSaG/OIpxr8PU4kmnQ5N4QOBQM2mYc= Received: by 10.114.198.1 with SMTP id v1mr211304waf.1175687807437; Wed, 04 Apr 2007 04:56:47 -0700 (PDT) Received: by 10.114.79.14 with HTTP; Wed, 4 Apr 2007 04:56:47 -0700 (PDT) Message-ID: <7d4f41f50704040456m666ee77et6c170fe2b0b55e95@mail.gmail.com> Date: Wed, 4 Apr 2007 13:56:47 +0200 From: "Victor Engmark" To: freebsd-questions@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Content-Disposition: inline X-Content-Filtered-By: Mailman/MimeDel 2.1.5 Subject: What is the default firewall setup in 6.2? X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 04 Apr 2007 12:24:43 -0000 Hi all, My goal is to set up a Subversion (v1.4, running on Apache 2.2 and available only through SSL) and SSH server, available to the world. I've managed to make it work locally; i.e., # svn list https://localhost/svn/repos/repository_name and # ssh user@localhost work fine. However, I'm having problems accessing these from other hosts. My machine is connected to the internet. I'm able to SSH to other machines, and use the web. Therefore, I believe the problem is that the machine is discarding packets. However, I can't find any record of the connection attempts in /var/log (grepping for the host name or IP of the other machine gives no results, and even ping doesn't work), and it seems that, according to the FreeBSD handbook chapter 26, there is no firewall installed by default. Why would FreeBSD be dropping packets, without recording it, when there are processes listening on the ports (see below), and no firewall? # netstat -an | grep 22 gives (among other lines): tcp4 0 0 *.22 *.* LISTEN According to tcpdump port 22 , the packets are arriving at my machine. /etc/rc.conf contains the following: hostname=[removed] ifconfig_bge0=dhcp keymap="us.dvorak" linux_enable="YES" sshd_enable="YES" usbd_enable="YES" apache2_enable="YES" network_interfaces=bge0 I haven't changed anything in /etc/defaults/rc.conf. It contains firewall_enable="NO" , which should be enough to avoid having any firewall. In addition, pf_enable="NO" and ipfilter_enable="NO" are in the defaults, so I'm completely stumped as to what is blocking the traffic. Is FreeBSD by default dropping any incoming connections (it should be, but I can't find mention of it in the firewall chapter)? Any help would be appreciated. -- Victor Engmark