From owner-freebsd-questions@FreeBSD.ORG  Wed Apr  4 12:34:28 2007
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
X-Original-To: freebsd-questions@freebsd.org
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52])
	by hub.freebsd.org (Postfix) with ESMTP id 3969516A404
	for <freebsd-questions@freebsd.org>;
	Wed,  4 Apr 2007 12:34:28 +0000 (UTC) (envelope-from javier@kjsl.com)
Received: from sucia.kjsl.com (sucia.kjsl.com [216.129.110.27])
	by mx1.freebsd.org (Postfix) with ESMTP id E914713C45E
	for <freebsd-questions@freebsd.org>;
	Wed,  4 Apr 2007 12:34:27 +0000 (UTC) (envelope-from javier@kjsl.com)
Received: from dhcp-64-102-51-199.cisco.com (dhcp-64-102-51-199.cisco.com
	[64.102.51.199])
	(using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits))
	(No client certificate requested) (Authenticated sender: javier)
	by sucia.kjsl.com (Postfix) with ESMTP id B660E9589D;
	Wed,  4 Apr 2007 08:34:22 -0400 (EDT)
Date: Wed, 4 Apr 2007 08:35:20 -0400
From: Javier Henderson <javier@kjsl.com>
To: Victor Engmark <victor.engmark@gmail.com>
Message-ID: <20070404083520942611.11732650@kjsl.com>
In-Reply-To: <7d4f41f50704040456m666ee77et6c170fe2b0b55e95@mail.gmail.com>
References: <7d4f41f50704040456m666ee77et6c170fe2b0b55e95@mail.gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
X-Mailer: GyazMail version 1.5.5b3
Cc: freebsd-questions@freebsd.org
Subject: Re: What is the default firewall setup in 6.2?
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 04 Apr 2007 12:34:28 -0000

On Wed, 4 Apr 2007 13:56:47 +0200, Victor Engmark wrote:
> Hi all,
> 
> My goal is to set up a Subversion (v1.4, running on Apache 2.2 and available
> only through SSL) and SSH server, available to the world. I've managed to
> make it work locally; i.e.,
> # svn list 
> 
https://localhost/svn/repos/repository_name<https://localhost/svn/repos/repos_name>
> and
> # ssh user@localhost
> work fine. However, I'm having problems accessing these from other hosts.
> 
> My machine is connected to the internet. I'm able to SSH to other machines,
> and use the web. Therefore, I believe the problem is that the machine is
> discarding packets. However, I can't find any record of the connection
> attempts in /var/log (grepping for the host name or IP of the other machine
> gives no results, and even ping doesn't work), and it seems that, according
> to the FreeBSD handbook chapter 26, there is no firewall installed by
> default.
> 
> Why would FreeBSD be dropping packets, without recording it, when there are
> processes listening on the ports (see below), and no firewall?
> 
> # netstat -an | grep 22
> gives (among other lines):
> tcp4 0 0 *.22 *.* LISTEN
> 
> According to
> tcpdump port 22
> , the packets are arriving at my machine.

Can SSH clients on your local network connect to your system?

You say packets are arriving at your machine, can you elaborate on this 
further? Assuming a SYN packet arrives from a host, so you see a 
SYN+ACK go out, etc?

-jav