ipfw rules for connect port 993

Allan Jude allanjude at freebsd.org
Mon Aug 24 13:38:56 UTC 2015


On 2015-08-24 09:05, Petr Chocholáč wrote:
> Hello,
> 
> I would like to ask you for advice. I cannot connect to imap.gmail.com
> on port 993 from my local network. My LAN is behind a FreeBSD server with
> IPFW. The server has two network cards, rl0=Internet and
> re0=LAN(10.0.0.0/16). Tcpdump on re0 shows three SYN packets without
> answers. What rules should I create?
> 
> I tried something like this, without success:
> #ipfw add 01500 allow ip from 10.0.0.0/16 to any in via re0
> 
> 
> 
> Thank you very much for any advice and your patience
> 
> Petr Chocholáč
> Brno, Czech Republic
> 
> _______________________________________________
> freebsd-current at freebsd.org mailing list
> https://lists.freebsd.org/mailman/listinfo/freebsd-current
> To unsubscribe, send any mail to "freebsd-current-unsubscribe at freebsd.org"

We would need to see all of your current firewall rules (ipfw show).

You'll want to tcpdump on rl0, to see if the packet is being forwarded.

Do you have the machine configured as a gateway? (gateway_enable="YES"
in /etc/rc.conf)

Are you doing NAT (Network Address Translation) to remap the internal
(10.0.0.0/16) addresses to your internet routable IP?

-- 
Allan Jude
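
The checks asked for in the reply above, as an added example that is not part of the original thread: a small script that inspects an rc.conf-style file and saved `ipfw show` output for forwarding and NAT. The function names, file names, sample rc.conf lines and packet counters are assumptions constructed for illustration; only rule 01500 and the interface names come from the thread.

```shell
#!/bin/sh
# Added example. Live equivalents on the FreeBSD gateway:
#   ipfw show > ipfw_show.txt
#   sysctl net.inet.ip.forwarding     # 1 means the kernel forwards packets
#   tcpdump -ni rl0 'tcp port 993'    # do the SYNs leave rl0, and with which source IP?

# gateway_enabled FILE: true if the last gateway_enable= line in an rc.conf-style
# file is a "yes" value (rc.conf accepts YES, TRUE, ON or 1, case-insensitive).
gateway_enabled() {
    val=$(sed -n 's/^[[:space:]]*gateway_enable=//p' "$1" | tail -n 1 |
          sed -e 's/#.*$//' -e 's/[[:space:]]*$//' |
          tr -d "\"'" | tr '[:upper:]' '[:lower:]')
    case "$val" in yes|true|on|1) return 0 ;; *) return 1 ;; esac
}

# nat_rules FILE: print the numbers of rules in saved `ipfw show` output whose
# action is in-kernel NAT ("nat N") or a divert socket ("divert PORT", as natd uses).
# Columns in `ipfw show`: rule number, packets, bytes, then the rule body.
nat_rules() {
    awk '$4 == "nat" || $4 == "divert" { print $1 }' "$1"
}

# diagnose RC_CONF IPFW_SHOW: one-line summary of both checks.
diagnose() {
    if gateway_enabled "$1"; then gw=yes; else gw=no; fi
    nat=$(nat_rules "$2" | paste -sd, -)
    echo "gateway_enable=$gw nat_rules=${nat:-none}"
}

# Constructed sample input: a gateway with the rule from the question,
# no gateway_enable line and no NAT rule.
SAMPLE_DIR=$(mktemp -d)
cat > "$SAMPLE_DIR/rc.conf" <<'EOF'
firewall_enable="YES"
ifconfig_re0="inet 10.0.0.1 netmask 255.255.0.0"
EOF
cat > "$SAMPLE_DIR/ipfw_show.txt" <<'EOF'
01500  3  180 allow ip from 10.0.0.0/16 to any in via re0
65535 12  720 deny ip from any to any
EOF
diagnose "$SAMPLE_DIR/rc.conf" "$SAMPLE_DIR/ipfw_show.txt"
```

A `no` or `none` in the summary answers the corresponding question from the reply in the negative.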
