Date: Sun, 15 Feb 1998 12:52:19 -0800 From: Ludwig Pummer <ludwigp@bigfoot.com> To: Archie Cobbs <archie@whistle.com>, agalindo@servidor.exsocom.com.mx (Alejandro Galindo) Cc: freebsd-isp@FreeBSD.ORG Subject: Re: ipfw rule for permit http access Message-ID: <3.0.3.32.19980215125219.0333a778@mail.plstn1.sfba.home.com> In-Reply-To: <199802152043.MAA25386@bubba.whistle.com> References: <1.5.4.32.19980214155709.009eef1c@exsocom.com.mx>
next in thread | previous in thread | raw e-mail | index | archive | help
At 12:43 PM 2/15/98 -0800, Archie Cobbs wrote: >Alejandro Galindo writes: >> Hi, i installed an ipfirewall with the packet filter (ipfw), i need >> permit the conection to my http server, and i have the next rules: >> >> ipfw add pass tcp from any >1023 to 200.43.1.1 80 >> ipfw add pass tcp from 200.43.1.1 80 to any >1023 >> >> but the external clients cant access to my Web server. Can you indicate me >> if the rules are ok? or, what rules can i do? > >That looks right, except for the syntax. What you want is: > > ipfw add pass tcp from any 1023-65535 to 200.43.1.1 80 > ipfw add pass tcp from 200.43.1.1 80 to any 1023-65535 > >-Archie >___________________________________________________________________________ >Archie Cobbs * Whistle Communications, Inc. * http://www.whistle.com actually, it's ipfw add pass tcp from any 1024-65535 to 200.43.1.1 80 ipfw add pass tcp from 200.43.1.1 80 to any 1024-65535 --Ludwig Pummer ------------------------------------------------------------------ ludwigp@bigfoot.com ICQ UIN: 692441 http://chipweb.home.ml.org PGP Key & Geek Code available on web page To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3.0.3.32.19980215125219.0333a778>