help needed for ipfw rules
Ertan Kucukoglu
ertank at ozlerplastik.com
Mon Sep 26 07:26:33 PDT 2005
Hi,
I have a problem blocking foreign intruders for specific ports in ipfw.
One of my friends has 4.X-STABLE running in production for proxy,
e-mail, virus scanning etc. The server also has natd and ipfw installed on it. We
have the following rule set.
-----
00050 2132 1212881 divert 8668 ip from any to any via dc1
00100 1078 4537400 allow ip from any to any via lo0
00200 0 0 deny ip from any to 127.0.0.0/8
00300 0 0 deny ip from 127.0.0.0/8 to any
00400 0 0 allow tcp from 192.168.0.0/24 to me 23
00500 0 0 deny tcp from 192.168.0.69 to me 1863
00550 0 0 deny tcp from 192.168.0.63 to me 1863
00600 0 0 deny tcp from 192.168.0.69 to me 80
00650 0 0 deny tcp from 192.168.0.63 to me 80
01000 0 0 allow tcp from 192.168.0.0/16 to me 21
01010 0 0 deny tcp from any to me 21
01100 0 0 allow tcp from 212.58.X.X to me 1433 via dc1 (IP intentionally hidden)
01110 0 0 deny tcp from any to me 1433 via dc1
65000 5467 3180867 allow ip from any to any
65535 4654 322885 deny ip from any to any
-----
Natd is diverting port 1433 to an internal machine.
When I try from a different IP address on the Internet than 212.58.x.x,
I can easily connect to the redirected server's port 1433.
I'm sure that I'm missing something, but I cannot recognize what it is
at the moment. Any help will be appreciated.
Regards,
--
Ertan Küçükoğlu
ertank at ozlerplastik.com
More information about the freebsd-questions mailing list
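An added example, not from the thread above and not the poster's own configuration: a small model of ipfw's first-match walk with a natd divert, showing why rules 01100/01110 never see the port-1433 packet (the listing shows 0 packets on both) and how putting the filter in front of the divert changes the outcome. Once rule 00050 hands the packet to natd, natd rewrites the destination to the internal host and reinjects it at the next rule, so "to me" no longer matches. All addresses are constructed stand-ins (203.0.113.10 stands in for the hidden 212.58.X.X; the public, LAN and SQL-host addresses and the natd redirect_port mapping are assumptions), and the parser handles only the rule syntax that appears in the post.

```python
# Added example (not from the thread): model ipfw's first-match walk with a natd
# divert to show why a "to me" rule placed after the divert never matches a
# redirected port, and why the same rule placed before the divert does.
import ipaddress
from dataclasses import dataclass, replace

# Constructed stand-in addresses; the post hides the real ones.
EXT_IP = "198.51.100.1"      # firewall's public address on dc1 (assumed)
LAN_IP = "192.168.0.1"       # firewall's LAN address (assumed)
INT_SQL = "192.168.0.10"     # host that natd redirects port 1433 to (assumed)
TRUSTED = "203.0.113.10"     # stands in for the hidden 212.58.X.X
ME = {EXT_IP, LAN_IP}        # what the ipfw keyword 'me' matches

# Models "natd -redirect_port tcp 192.168.0.10:1433 1433" (assumed natd config).
REDIRECTS = {(EXT_IP, 1433): (INT_SQL, 1433)}


@dataclass
class Packet:
    proto: str
    src: str
    dst: str
    dport: int
    iface: str
    direction: str = "in"


def match_addr(spec, addr):
    if spec == "any":
        return True
    if spec == "me":
        return addr in ME
    return ipaddress.ip_address(addr) in ipaddress.ip_network(spec, strict=False)


def parse_rule(line):
    """Parse the subset of ipfw1 syntax used in the post:
    NNNNN action [divert-port] proto from SRC to DST [PORT] [in] [via IFACE]"""
    tok = line.split()
    num, action, i = int(tok[0]), tok[1], 2
    if action == "divert":
        i += 1                      # skip divert port; NAT itself is modelled by REDIRECTS
    proto, src, dst = tok[i], tok[i + 2], tok[i + 4]
    rest = tok[i + 5:]
    dport = int(rest.pop(0)) if rest and rest[0].isdigit() else None
    direction = "in" if "in" in rest else None
    iface = rest[rest.index("via") + 1] if "via" in rest else None
    return dict(num=num, action=action, proto=proto, src=src, dst=dst,
                dport=dport, direction=direction, iface=iface)


def rule_matches(r, p):
    return (r["proto"] in ("ip", p.proto)
            and (r["iface"] is None or r["iface"] == p.iface)
            and (r["direction"] is None or r["direction"] == p.direction)
            and (r["dport"] is None or r["dport"] == p.dport)
            and match_addr(r["src"], p.src) and match_addr(r["dst"], p.dst))


def walk(ruleset, pkt):
    """First matching rule decides. A divert rule hands the packet to natd; for a
    redirected port natd rewrites the destination and reinjects the packet, and
    processing continues at the next rule with the rewritten packet."""
    p = replace(pkt)
    for r in sorted(map(parse_rule, ruleset), key=lambda r: r["num"]):
        if not rule_matches(r, p):
            continue
        if r["action"] == "divert":
            if (p.dst, p.dport) in REDIRECTS:
                p.dst, p.dport = REDIRECTS[(p.dst, p.dport)]
            continue
        return r["action"], r["num"]
    return "deny", 65535


# The rules from the post that matter for port 1433 (TRUSTED stands in for 212.58.X.X).
ORIGINAL = [
    "00050 divert 8668 ip from any to any via dc1",
    f"01100 allow tcp from {TRUSTED} to me 1433 via dc1",
    "01110 deny tcp from any to me 1433 via dc1",
    "65000 allow ip from any to any",
    "65535 deny ip from any to any",
]

# Same policy, with the 1433 filter placed before the divert so it sees the
# packet while the destination is still the firewall's own address.
FIXED = [
    f"00040 allow tcp from {TRUSTED} to me 1433 in via dc1",
    "00045 deny tcp from any to me 1433 in via dc1",
] + ORIGINAL


def probe(ruleset, src):
    """Inbound TCP SYN on dc1 from src to the firewall's public address, port 1433."""
    return walk(ruleset, Packet("tcp", src, EXT_IP, 1433, "dc1"))


if __name__ == "__main__":
    for name, rs in (("original", ORIGINAL), ("fixed", FIXED)):
        print(name, "stranger ->", probe(rs, "192.0.2.50"),
              " trusted ->", probe(rs, TRUSTED))
```

With the original order both the stranger and the trusted host end up at rule 65000, because by the time rules 01100/01110 are evaluated the destination is already the internal host, not "me". With the filter in front of the divert the stranger is stopped at 00045 and the trusted host passes at 00040; "in via dc1" keeps the early rules from touching the outbound replies, which still go through the divert for their source rewrite.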