IPF Logging packets Every 2-10 Seconds.

Wed Jun 29 14:25:19 GMT 2005

So the answer is still the same.
You have to add rules to your firewall to allow
that new service in and out of your firewall.

Come on guy you are making this much harder that it really is.

-----Original Message-----
From: owner-freebsd-questions at freebsd.org
[mailto:owner-freebsd-questions at freebsd.org]On Behalf Of Stephan
Weaver
Sent: Wednesday, June 29, 2005 9:37 AM
To: fbsd_user at a1poweruser.com
Cc: freebsd-questions at freebsd.org
Subject: RE: IPF Logging packets Every 2-10 Seconds.

if you carefully read this log line.
28/06/2005 15:59:23.743138 vr0 @0:28 b 201.238.78.59,4550 ->
192.168.1.1,60271 PR tcp len 20 40 -AF IN

what it is saying, 201.238.78.59 on port 4550 wants to make a
connection
INTO my network.
now it is making this connection because one my my LAN users, is
accssing
that address.
eg, a Lan user types http://201.238.78.59:1080 [webcam port]
opens up the live view in the webcam. and in a response to that, the
webcam
sends a data/packets back to my LAN using the webcam data port
instead.
[4550]

>From: "fbsd_user" <fbsd_user at a1poweruser.com>
>Reply-To: <fbsd_user at a1poweruser.com>
>To: "Stephan Weaver" <stephanweaver at hotmail.com>
>Subject: RE: IPF Logging packets Every 2-10 Seconds.
>Date: Tue, 28 Jun 2005 16:40:48 -0400
>
>When you list the incore rules is rule number 28 the block all rule
>marking the end of the inbound section of your rules file?
>
>If yes, then you need to add a new pass in rule to allow port 4550
>in.
>Then the remote system will be able to access your webcam server on
>the firewall box.
>
>The short explanation about what you are doing makes all the
>difference in the kind of answer you get back.  Should have said
>that a long time ago.  This is different question that what the
>email subject says.
>
>-----Original Message-----
>From: Stephan Weaver [mailto:stephanweaver at hotmail.com]
>Sent: Tuesday, June 28, 2005 4:06 PM
>To: fbsd_user at a1poweruser.com
>Subject: RE: IPF Logging packets Every 2-10 Seconds.
>
>
>i Do understand what you are saying, but i BELEIVE my ruleset is in
>the
>wrong order or something is WRONG.
>look at this LOG for example
>28/06/2005 15:59:23.743138 vr0 @0:28 b 201.238.78.59,4550 ->
>192.168.1.1,60271 PR tcp len 20 40 -AF IN
>28/06/2005 15:59:23.823647 vr0 @0:28 b 201.238.78.59,4550 ->
>192.168.1.1,60272 PR tcp len 20 40 -AF IN
>28/06/2005 15:59:24.283051 vr0 @0:28 b 201.238.78.59,4550 ->
>192.168.1.1,60273 PR tcp len 20 40 -AF IN
>28/06/2005 15:59:24.283423 vr0 @0:28 b 201.238.78.59,4550 ->
>192.168.1.1,60269 PR tcp len 20 40 -AF IN
>28/06/2005 15:59:24.687274 vr0 @0:28 b 201.238.78.59,4550 ->
>192.168.1.1,60271 PR tcp len 20 40 -AF IN
>28/06/2005 15:59:24.865697 vr0 @0:28 b 201.238.78.59,4550 ->
>192.168.1.1,60273 PR tcp len 20 40 -AF IN
>
>
>
>right,
>now 201.238.78.59 is MY OTHER REMOTE server!
>and my WEBCAM software runs on port 4550.
>now that is being logged because, one of my lan users,
>is accessing 201.238.78.59:4550 via a webpage. but it shows in the
>logs.
>something is WRONG.
>i know what you are saying, but listen what I am saying....
>
>

_________________________________________________________________
Express yourself instantly with MSN Messenger! Download today it's
FREE!
http://messenger.msn.click-url.com/go/onm00200471ave/direct/01/

_______________________________________________
freebsd-questions at freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to
"freebsd-questions-unsubscribe at freebsd.org"