ipfw rules for letting ssh requests in
Andrew L. Gould
algould at datawok.com
Sun Jan 18 15:47:06 PST 2004
I can't seem to get the ipfw rules right for letting ssh clients access an ssh
server. I can use ssh on the server to connect to the client; but if I try
to connect from the client to the server, the operation times out.
I have my rules in /etc/ipfw.rules. Executing 'ipfw show' displays all of the
rules as expected. It also shows packets having been allowed at rule 300
after an attempt to connect has been made.
I have copied the top portion of /etc/ipfw.rules:
#!/bin/sh
# Andrew L. Gould's firewall rules.
fwcmd="/sbin/ipfw -q"
${fwcmd} -f flush
# Basic rules that should not be changed
${fwcmd} add 00100 pass all from any to any via lo0
${fwcmd} add 00110 deny all from any to 127.0.0.0/8
${fwcmd} add 00120 deny ip from 127.0.0.0/8 to any
# Allow specified service requests in
# ssh
${fwcmd} add 00300 allow tcp from any to me 22
${fwcmd} add 00301 allow udp from any to me 22
##########################################
Does anyone have any idea why the operation is timing out or what I have done
wrong?
Thanks,
Andrew Gould
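
Added example, not part of the original message or of any reply to it: a stateful version of the ssh rules above, in which check-state and keep-state let the server's replies back out. It assumes the unshown remainder of /etc/ipfw.rules has no rule passing traffic from port 22 outward, so replies reach ipfw's final rule 65535 (deny unless the kernel was built with IPFIREWALL_DEFAULT_TO_ACCEPT), which would fit counters rising at rule 300 while the client times out. The FWCMD variable, the ssh_rules function and rule number 00200 are names chosen for this example.

```shell
#!/bin/sh
# Added example (not from the original post): stateful ssh rules for ipfw.
# Assumption: nothing in the unshown part of the ruleset lets packets
# with source port 22 leave the server.
# FWCMD defaults to a dry run that only prints the commands; set
# FWCMD="/sbin/ipfw -q" on the server to apply them for real.
FWCMD="${FWCMD:-echo ipfw}"

ssh_rules() {
    ${FWCMD} -f flush

    # Loopback rules, unchanged from the post
    ${FWCMD} add 00100 pass all from any to any via lo0
    ${FWCMD} add 00110 deny all from any to 127.0.0.0/8
    ${FWCMD} add 00120 deny ip from 127.0.0.0/8 to any

    # Pass any packet that belongs to a connection which already has a
    # dynamic rule. This is what lets the SYN-ACK and later replies out.
    ${FWCMD} add 00200 check-state

    # New inbound ssh connections: match only the initial SYN (setup)
    # and create a dynamic rule covering both directions (keep-state).
    ${FWCMD} add 00300 allow tcp from any to me 22 in setup keep-state

    # ssh runs over TCP only, so rule 00301 (udp) from the post is dropped.
    # Stateless alternative to 00200/00300, if dynamic rules are unwanted:
    #   allow tcp from any to me 22
    #   allow tcp from me 22 to any established

    # The remaining rules from the original file would follow here.
}

ssh_rules
```

After applying, 'ipfw -d show' lists the dynamic rules, so an entry for the client's address should appear while a connection attempt is in progress.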