firewall rules for bitlord, yahoo, limewire

eculp at eculp at
Wed Nov 26 06:13:10 PST 2008

Fbsd1 <fbsd1 at> wrote:

> These applications have predefined ports they use to start up the
> bi-directional packet conversation. But then unsolicited packets
> come in from other PC nodes to share data using a wide range of high
> port numbers. IPFW, IPF, and PF don't seem to have a rule option to
> allow packets in/out based on the program name that started the
> conversation.
> I thought I read in the OpenBSD pf manual that pf state processing will
> allow applications like limewire to function normally by accepting
> the inbound high-numbered port to pass through the firewall.
> I have an inclusive firewall rule set, which means only packets matching
> the rules are passed through. The inbound high port numbers are
> blocked by design.
> How do other firewall users code rules to allow limewire to work?

Hmmm.  Isn't life interesting.  I would like to know how to block them  
and others without causing strange secondary problems.

Actually a default pf configuration will let them pass unless I'm  
forgetting something important.
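
A pf.conf sketch of the inclusive rule set discussed in this thread, added here as an example and not taken from either poster's message. It assumes the P2P client is configured to listen on one fixed port; the interface name `em0` and port `6346` are assumed values to be replaced with your own.

```conf
# Constructed example; em0 and port 6346 are assumptions, not values from the thread.
ext_if   = "em0"     # assumed external interface
p2p_port = "6346"    # assumed: the one listening port set in the P2P client's options

set skip on lo0

# Inclusive rule set: anything not explicitly passed is dropped.
block in  all
block out all

# Outbound conversations the host starts. The state entry created here
# also matches the replies, so no inbound rule is needed for them.
pass out on $ext_if proto { tcp, udp } from ($ext_if) to any keep state

# Unsolicited connections from other peers. They arrive from arbitrary high
# source ports but are addressed to the client's listening port, so one
# destination-port rule covers them. Without this rule the client can still
# reach peers it contacts itself, but peers cannot contact it first.
pass in on $ext_if proto { tcp, udp } from any to ($ext_if) port $p2p_port keep state

# To restrict such applications instead, replace the broad "pass out" above
# with an allow-list of destination ports, for example:
# pass out on $ext_if proto tcp from ($ext_if) to any port { 80, 443 } keep state
# pass out on $ext_if proto udp from ($ext_if) to any port 53 keep state
```

`pfctl -nf /etc/pf.conf` parses the file and reports syntax errors without loading the rules.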



More information about the freebsd-questions mailing list