Norm Vilmer <[EMAIL PROTECTED]> writes:

> I get this message (below) on the console of my FreeBSD 4.10 firewall:
> Connection attempt to TCP <my public ip>:20388 from
> flags 0x12
> It appears that this is getting through the firewall and is logged to
> the console because log_in_vain is 1.
> Question: What IPFW rule would block this without interfering with
> normal http traffic on port 80 (I have Apache running on the box and
> nat'd machines on the inside interface that access the Internet)?

In most people's configurations, this would be getting blocked by a
default block-all rule.  The users' connection out on port 80 would be
accepted by a rule that is specific to the outgoing direction, and
incoming packets on those connections would be accepted by either
keeping state or by letting in only non-SYN packets.
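As an added worked example (not from this thread) of the layout described
above, here is an rc.firewall-style ipfw script for a FreeBSD 4.x box running
natd. The interface names fxp0 and xl0, the public address 203.0.113.10, the
LAN 192.168.1.0/24 and the rule numbers are all assumptions to be replaced.
Two things worth checking before picking the second option in the reply:
flags 0x12 is SYN+ACK, and ipfw's "established" keyword matches any TCP
segment with ACK or RST set, so a stray SYN/ACK to a closed port passes an
"established" rule and reaches the stack, which is exactly what log_in_vain
then reports. A check-state/keep-state layout only admits it if a dynamic
rule already exists for that connection. Because keep-state records the
addresses the packet has when the rule fires, outbound state is created
before the divert to natd (via skipto) and inbound packets are un-NATed
before check-state; otherwise the translated reply never matches. The script
also carries a small helper that decodes the flags byte from a log_in_vain
line.

```shell
#!/bin/sh
# ipfw ruleset for a FreeBSD 4.x firewall with natd (example, not from the
# thread). Interface names, addresses and rule numbers are assumptions.
# Usage: sh fw.sh start      (fwcmd=echo sh fw.sh start only prints rules)

fwcmd="${fwcmd:-/sbin/ipfw}"
pif="${pif:-fxp0}"                   # public interface (assumed)
lif="${lif:-xl0}"                    # LAN interface (assumed)
pub_ip="${pub_ip:-203.0.113.10}"     # firewall's public address (assumed)
lan="${lan:-192.168.1.0/24}"         # NAT'd LAN behind $lif (assumed)

# Decode the "flags 0x.." byte printed by log_in_vain, e.g. 0x12 -> "SYN ACK".
tcp_flags() {
    tf_val=$(( $1 ))
    tf_out=""
    [ $(( tf_val & 0x01 )) -ne 0 ] && tf_out="$tf_out FIN"
    [ $(( tf_val & 0x02 )) -ne 0 ] && tf_out="$tf_out SYN"
    [ $(( tf_val & 0x04 )) -ne 0 ] && tf_out="$tf_out RST"
    [ $(( tf_val & 0x08 )) -ne 0 ] && tf_out="$tf_out PSH"
    [ $(( tf_val & 0x10 )) -ne 0 ] && tf_out="$tf_out ACK"
    [ $(( tf_val & 0x20 )) -ne 0 ] && tf_out="$tf_out URG"
    printf '%s\n' "${tf_out# }"
}

load_firewall() {
    $fwcmd -f flush

    # Loopback and the LAN side are trusted.
    $fwcmd add 100 allow ip from any to any via lo0
    $fwcmd add 110 deny ip from any to 127.0.0.0/8
    $fwcmd add 120 allow ip from any to any via $lif

    # Inbound on the public interface: undo NAT first, then consult the
    # dynamic rules. A stray SYN/ACK has no state, so it does not match here.
    $fwcmd add 200 divert natd ip from any to any in via $pif
    $fwcmd add 210 check-state

    # Anti-spoofing: our private range must never arrive from outside.
    $fwcmd add 220 deny log ip from $lan to any in via $pif

    # Service offered by the firewall itself: Apache on port 80.
    # "setup" matches only a bare SYN, so 0x12 cannot open state here.
    $fwcmd add 300 allow tcp from any to $pub_ip 80 in via $pif setup keep-state

    # Outbound from the firewall and from NAT clients: record state with the
    # pre-NAT addresses, then jump to the NAT rule on the way out.
    $fwcmd add 400 skipto 800 tcp from any to any out via $pif setup keep-state
    $fwcmd add 410 skipto 800 udp from any to any 53 out via $pif keep-state

    # Everything that was not explicitly admitted stops here. "log" needs
    # IPFIREWALL_VERBOSE and net.inet.ip.fw.verbose=1; once the packet is
    # denied here, log_in_vain no longer sees it, this rule reports it instead.
    $fwcmd add 700 deny log ip from any to any

    # Reached only via skipto 800: translate outbound, pass the rest.
    $fwcmd add 800 divert natd ip from any to any out via $pif
    $fwcmd add 810 allow ip from any to any
}

case "${1:-}" in
    start) load_firewall ;;
esac
```

Rule 700 must sit before the natd rule at 800: without it, packets that match
nothing above would fall through sequentially into the unconditional allow at
810, which is meant to be reachable only through the skipto. Raise
net.inet.ip.fw.verbose_limit if the console gets noisy once rule 700 starts
logging what log_in_vain used to.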

