From owner-freebsd-questions Wed Nov 24 1: 0: 8 1999 Delivered-To: freebsd-questions@freebsd.org Received: from lucifer.bart.nl (lucifer.bart.nl [194.158.168.74]) by hub.freebsd.org (Postfix) with ESMTP id 3137F14F71 for ; Wed, 24 Nov 1999 00:59:54 -0800 (PST) (envelope-from asmodai@lucifer.bart.nl) Received: (from asmodai@localhost) by lucifer.bart.nl (8.9.3/8.9.3) id JAA66616; Wed, 24 Nov 1999 09:59:36 +0100 (CET) (envelope-from asmodai) Date: Wed, 24 Nov 1999 09:59:36 +0100 From: Jeroen Ruigrok van der Werven To: Ben Goodwin Cc: freebsd-questions@FreeBSD.ORG Subject: Re: IPFW letting me in when it shouldn't?? Message-ID: <19991124095936.A58890@lucifer.bart.nl> References: <002101bf3658$4e08ba40$6a477392@dsg.atomicmatrix.net> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Mailer: Mutt 1.0i In-Reply-To: <002101bf3658$4e08ba40$6a477392@dsg.atomicmatrix.net>; from ben-lists@atomicmatrix.net on Wed, Nov 24, 1999 at 03:45:48AM -0500 Organisation: bART Internet Services B.V. Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG -On [19991124 09:50], Ben Goodwin (ben-lists@atomicmatrix.net) wrote: >I have a 3.3R machine that's acting as a firewall. It's placed between my >router and my lan. I have a fairly lengthy rc.firewall, so I won't post it >yet .. I'm figuring that the problem I'm about to describe is either a known >issue or a "oh, you dummy, you forgot to do this" type of thing. >If I telnet to, say, port 111 from the outside world to a particular server >behind said firewall, I get denied (the telnet just "hangs", and the console >shows a refused entry). However, if I telnet to, say, port 25, which is >allowed thru, disconnect, and then try port 111 again, I'm allowed through! >If I wait 15 seconds, and try port 111 again, I'm disallowed. What's going >on here? Without your firewall rules we can't tell for sure. -- Jeroen Ruigrok van der Werven Network- and systemadministrator bART Internet Services / Tel: +31 - (0) 10 - 240 39 70 VIA NET.WORKS Netherlands To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message