Date: Tue, 18 Jan 2005 15:22:34 -0500
From: "Sherman, Michael (GE Energy)" <michael.sherman@og.ge.com>
To: FreeBSD-security@FreeBSD.org
Subject: ipf question
Message-ID: <6BBE5C5603D0D611A06F0002A5D6556405FAA185@nyschx22psge.sch.ge.com>

Hello.

I am a relatively new FreeBSD user. I have samba, ssh and vnc server running on it. I am also trying to set up the IPFILTER on it. I used the handbook to familiarize myself with the software and the sample script provided in the chapter discussing ipf, I decided to use as a starting point.

After reading the ipf chapter I assumed that if "block in log first quick on xl0 all" is used, everything which is not opened by default will be blocked. Now I opened only samba and ssh ports:

pass in quick on xl0 proto tcp/udp from any to any port 137 <> 139 keep state
pass in quick on xl0 proto tcp/udp from any to any port = 445 keep state
pass in quick on xl0 proto tcp from any to any port = 22 flags S keep state

However I am able to connect to the vncserver, without actually opening it in the script. I guess my assumption was wrong, please let me know if I missed on something.

Michael
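
The behaviour described in the message can be checked against ipf's documented port operators. The following is an added example, not part of the original message or of IPFilter itself: a small Python model of inbound rule evaluation that covers only the keywords used in the posted rules. It assumes the block rule is the last rule in the file and that VNC listens on TCP 5901 (vncserver display :1); the CORRECTED list is one possible rewrite of the first rule.

```python
# Minimal model of ipf inbound rule evaluation (added example, not ipf code).
# Only the keywords used in the posted rules are understood; the rest is ignored.

def parse(line):
    t = line.split()
    rule = {"text": line, "action": t[0], "quick": "quick" in t,
            "protos": None, "port": None}
    if "proto" in t:
        rule["protos"] = set(t[t.index("proto") + 1].split("/"))
    if "port" in t:
        i = t.index("port")
        if t[i + 1] == "=":                      # port = N
            rule["port"] = ("=", int(t[i + 2]), None)
        else:                                    # port A <> B  or  port A >< B
            rule["port"] = (t[i + 2], int(t[i + 1]), int(t[i + 3]))
    return rule

def port_matches(test, port):
    if test is None:
        return True
    op, a, b = test
    if op == "=":
        return port == a
    if op == "<>":                               # ipf(5): less than A or greater than B
        return port < a or port > b
    if op == "><":                               # ipf(5): greater than A and less than B
        return a < port < b
    raise ValueError("unsupported port operator: " + op)

def decide(rules, proto, port):
    verdict = ("pass", None)                     # ipf default unless built with IPFILTER_DEFAULT_BLOCK
    for r in map(parse, rules):
        if r["protos"] and proto not in r["protos"]:
            continue
        if not port_matches(r["port"], port):
            continue
        verdict = (r["action"], r["text"])       # last match wins...
        if r["quick"]:                           # ...unless the rule is marked quick
            break
    return verdict

POSTED = [                                       # rules from the message; block rule assumed last
    "pass in quick on xl0 proto tcp/udp from any to any port 137 <> 139 keep state",
    "pass in quick on xl0 proto tcp/udp from any to any port = 445 keep state",
    "pass in quick on xl0 proto tcp from any to any port = 22 flags S keep state",
    "block in log first quick on xl0 all",
]
# Assumed correction: "136 >< 140" matches 137, 138 and 139 only.
CORRECTED = ["pass in quick on xl0 proto tcp/udp from any to any port 136 >< 140 keep state"] + POSTED[1:]
VNC_PORT = 5901                                  # assumed: vncserver display :1
```

With the posted rules, `decide(POSTED, "tcp", VNC_PORT)` returns a pass from the first rule, because `137 <> 139` matches every port outside 137-139; the same rule leaves 137-139 themselves to fall through to the block rule.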