Date: Thu, 2 May 2002 08:36:58 -0700 (PDT)
From: Michael Reynolds <wshs_chat@yahoo.com>
To: freebsd-questions@freebsd.org
Subject: ipfw question(s?)
Message-ID: <20020502153658.68424.qmail@web11601.mail.yahoo.com>

I have the following ipfw rules configured, so that any user in the group webusers may only connect out via http or ftp, but it seems to block them from connecting in via ftp. The inbound connections work fine, but they are unable to list via PORT or PASV.

The last 2 rules, deny, are added to deny the users in the webusers group from accepting connections, or opening connections to other ports. This is because the httpd is run as a completely different user, thus no need to bind to any ports.

Any/all help would be appreciated. Also, any help in compacting these rules into something 'smaller' would be even more so appreciated.

add 500 allow tcp from any to any 21 in via rl0 gid webusers
add 500 allow tcp from any to any 21,80 out via rl0 gid webusers
add 500 allow tcp from any 113 to any in via rl0 gid webusers
add 500 allow tcp from any 113 to any out via rl0 gid webusers
add 500 allow udp from any to any 53 out via rl0 gid webusers
add 500 allow udp from any 53 to any in via rl0 gid webusers
add 500 deny tcp from any to any via rl0 gid webusers
add 500 deny udp from any to any via rl0 gid webusers

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020502153658.68424.qmail>
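
An added example, not part of the original message and not ipfw's own code: a simplified first-match model of the eight posted rules, run over constructed opening packets of an FTP control connection and of PASV and PORT data connections. It assumes each packet's socket is attributed to gid webusers, picks the ephemeral port numbers arbitrarily, and does not model any rules outside the eight shown.

```python
import re

# The eight rules exactly as posted in the message above.
RULES = """\
add 500 allow tcp from any to any 21 in via rl0 gid webusers
add 500 allow tcp from any to any 21,80 out via rl0 gid webusers
add 500 allow tcp from any 113 to any in via rl0 gid webusers
add 500 allow tcp from any 113 to any out via rl0 gid webusers
add 500 allow udp from any to any 53 out via rl0 gid webusers
add 500 allow udp from any 53 to any in via rl0 gid webusers
add 500 deny tcp from any to any via rl0 gid webusers
add 500 deny udp from any to any via rl0 gid webusers
""".splitlines()

# Covers only the subset of ipfw syntax these rules use (an assumption).
RULE_RE = re.compile(
    r"add \d+ (?P<action>allow|deny) (?P<proto>tcp|udp) from any(?: (?P<sport>[\d,]+))?"
    r" to any(?: (?P<dport>[\d,]+))?(?: (?P<dir>in|out))? via (?P<iface>\S+)"
    r" gid (?P<gid>\S+)$")

def parse(line):
    r = RULE_RE.match(line).groupdict()
    for k in ("sport", "dport"):
        r[k] = {int(p) for p in r[k].split(",")} if r[k] else None
    return r

def verdict(pkt):
    """Return (1-based position of the first matching rule, its action)."""
    for n, r in enumerate(map(parse, RULES), 1):
        if (r["proto"] == pkt["proto"] and r["iface"] == pkt["iface"]
                and r["gid"] == pkt["gid"]
                and r["dir"] in (None, pkt["dir"])
                and (r["sport"] is None or pkt["sport"] in r["sport"])
                and (r["dport"] is None or pkt["dport"] in r["dport"])):
            return n, r["action"]
    return None, None  # not decided by these eight rules

def syn(direction, sport, dport):
    # Constructed sample packet: the first TCP segment of a connection.
    return dict(proto="tcp", iface="rl0", gid="webusers",
                dir=direction, sport=sport, dport=dport)

SAMPLES = {
    "control, client -> server:21": syn("in", 40000, 21),
    "PASV data, client -> server:49152": syn("in", 40001, 49152),
    "PORT data, server:20 -> client:40002": syn("out", 20, 40002),
}

if __name__ == "__main__":
    for name, pkt in SAMPLES.items():
        print(name, "->", verdict(pkt))
```

In this model the control connection is accepted by the first rule, while both data connections match none of the port-specific allow rules and reach the seventh rule, the TCP deny.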