ipf question

Sherman, Michael (GE Energy) michael.sherman at og.ge.com
Tue Jan 18 12:22:40 PST 2005


Hello.

I am a relatively new FreeBSD user. I have samba, ssh and vnc server running
on it. I am also trying to set up IPFILTER on it. I used the handbook to
familiarize myself with the software, and I decided to use the sample script
provided in the chapter discussing ipf as a starting point. After reading
the ipf chapter I assumed that if "block in log first quick on xl0 all" is
used, everything which is not opened by default will be blocked.
Now I opened only samba and ssh ports:
pass in quick on xl0 proto tcp/udp from any to any port 137 <> 139 keep state
pass in quick on xl0 proto tcp/udp from any to any port = 445 keep state
pass in quick on xl0 proto tcp from any to any port = 22 flags S keep state

However I am able to connect to the vncserver, without actually opening it
in the script.
I guess my assumption was wrong, please let me know if I missed
something.

Michael
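
Added example, not part of the original message: a Python sketch that evaluates only the destination-port clause of the three pass rules quoted above, using the port operators documented in ipf(5), where `<>` matches ports outside the given range and `><` matches ports strictly inside it. The VNC port 5901 and all function names are assumptions; the post does not state them.

```python
import re

# The three pass rules from the post (the wrapped first rule rejoined).
RULES = [
    "pass in quick on xl0 proto tcp/udp from any to any port 137 <> 139 keep state",
    "pass in quick on xl0 proto tcp/udp from any to any port = 445 keep state",
    "pass in quick on xl0 proto tcp from any to any port = 22 flags S keep state",
]

# Single-port comparisons from ipf(5).
UNARY = {
    "=": lambda p, n: p == n,
    "!=": lambda p, n: p != n,
    "<": lambda p, n: p < n,
    ">": lambda p, n: p > n,
    "<=": lambda p, n: p <= n,
    ">=": lambda p, n: p >= n,
}

# Range comparisons from ipf(5); both are exclusive of the end points.
RANGE = {
    "<>": lambda p, lo, hi: p < lo or p > hi,  # outside the range
    "><": lambda p, lo, hi: lo < p < hi,       # strictly inside the range
}

PORT_RE = re.compile(
    r"\bport\s+(?:(\d+)\s*(<>|><)\s*(\d+)|(!=|<=|>=|=|<|>)\s*(\d+))"
)


def dst_port_matches(rule, port):
    """True if the rule's port clause matches; protocol and flags are ignored."""
    m = PORT_RE.search(rule)
    if m is None:
        return True  # a rule without a port clause matches every port
    if m.group(2):
        return RANGE[m.group(2)](port, int(m.group(1)), int(m.group(3)))
    return UNARY[m.group(4)](port, int(m.group(5)))


def rules_matching(port, rules=RULES):
    """1-based indexes of the rules whose port clause matches the port."""
    return [i for i, rule in enumerate(rules, 1) if dst_port_matches(rule, port)]


if __name__ == "__main__":
    # 5901 is an assumed VNC display port; 137-139, 445 and 22 are from the rules.
    for port in (137, 138, 139, 445, 22, 5901):
        print(port, rules_matching(port))
```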

