IPFW problems connecting to port 25!
Kevin D. Kinsey, DaleCo, S.P.
kdk at daleco.biz
Thu Mar 11 13:55:43 PST 2004
whizkid at ValueDJ.com wrote:
>[snip]
>
>
>>You do have a rule for established connections?
>>
>>
>>Kevin Kinsey
>>DaleCo S.P.
>>
>>
>>
>>
>you know the only rule i have for that is
>
>add 60000 deny log tcp from any to any established
>
>I am assuming this is incorrect?
>
>
>
>
>
Aye, there's the rub. Last rule is usually
"deny ip from any to any"; somewhere above
that, but after the setup rules is "allow ip from
any to my.ip.add.ress established"* ... it does
no good to allow the setup packets but no
further data....
Kevin Kinsey
DaleCo S.P.
*instead of "allow ip" this could conceivably
be protocol specific, e.g. if you only have tcp
services available, "allow tcp from any to {me} established"
More information about the freebsd-questions
mailing list