ipfw uid rules for lo0 interface
Stanislav Sedov
stas at FreeBSD.org
Sat May 16 09:37:18 UTC 2009
On Thu, 14 May 2009 15:33:27 +0400
Олег Петрачёв <o.petrachev at sprinthost.ru> mentioned:
> Hello!
>
> I am using FreeBSD 7.2-RELEASE.
>
> I am trying to restrict connections to the local SMTP daemon to a limited
> number of users. But when I create rules for ipfw with a uid pattern, I
> don't get the desired result: all connections on port 25 are blocked and
> it is impossible to allow it for anyone.
>
> I am using the following rules (let's say only root is allowed to send
> messages):
>
> # ipfw flush
> # ipfw add 100 allow ip from any to me 25 uid root
> # ipfw add 200 deny ip from any to me 25
>
> # telnet localhost 25
> Trying 127.0.0.1...
>
> And nothing is happening - the connection is neither allowed nor denied,
> it just hangs.
>
> What am I doing wrong? Thanks in advance!
>
That should work. I suspect you don't have anything running on 127.0.0.1:25,
otherwise you should have been receiving a "permission denied" message. You
can inspect what's bound on which ports/addresses by running `sockstat -4`.
--
Stanislav Sedov
ST4096-RIPE
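The `sockstat -4` check suggested in the reply, as an added example that is not part of the original thread: it reads `sockstat -4 -l` output and reports which TCP listeners would accept a connection to a given address and port, counting wildcard binds. The function names and the sample output (a daemon bound only to 192.0.2.10:25, so nothing answers on 127.0.0.1:25) are constructed for illustration.

```shell
#!/bin/sh
# Constructed sample of `sockstat -4 -l` output (not from the original thread).
SAMPLE='USER     COMMAND    PID   FD PROTO  LOCAL ADDRESS         FOREIGN ADDRESS
root     sendmail   724   4  tcp4   192.0.2.10:25         *:*
root     sshd       690   3  tcp4   *:22                  *:*
root     syslogd    560   7  udp4   *:514                 *:*'

# listeners ADDR PORT
# Reads sockstat output on stdin and prints "user command pid local" for
# every TCP listener that would accept a connection to ADDR:PORT, i.e. one
# bound to that exact address or to the wildcard address.
listeners() {
    awk -v addr="$1" -v port="$2" '
        NR == 1      { next }   # skip the header line
        $5 !~ /^tcp/ { next }   # only TCP sockets can accept the connection
        $7 != "*:*"  { next }   # a listening socket has no peer yet
        $6 == (addr ":" port) || $6 == ("*:" port) { print $1, $2, $3, $6 }
    '
}

# check ADDR PORT
# Same input as listeners; prints a one-line verdict and returns non-zero
# when nothing is listening on ADDR:PORT.
check() {
    found=$(listeners "$1" "$2")
    if [ -n "$found" ]; then
        echo "listening on $1:$2: $found"
    else
        echo "nothing listening on $1:$2"
        return 1
    fi
}

# Demo on the constructed sample: the daemon is bound to 192.0.2.10 only,
# so the loopback address has no listener on port 25.
printf '%s\n' "$SAMPLE" | check 127.0.0.1 25 || true
printf '%s\n' "$SAMPLE" | check 127.0.0.1 22 || true
```

On a live FreeBSD host, replace the sample with `sockstat -4 -l | check 127.0.0.1 25`.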