Norm Vilmer <[EMAIL PROTECTED]> writes:

> I get this message (below) on the console of my FreeBSD 4.10 firewall:
>
> Connection attempt to TCP <my public ip>:20388 from 184.108.40.206:80
> flags 0x12
>
> It appears that this is getting through the firewall and is logged to
> the console because log_in_vain is 1.
>
> Question: What IPFW rule would block this without interfering with
> normal http traffic on port 80 (I have Apache running on the box and
> nat'd machines on the inside interface that access the Internet)?
In most people's configurations, this would be getting blocked by a default block-all rule. The users' connections out on port 80 would be accepted by a rule that is specific to the outgoing direction, and incoming packets on those connections would be accepted either by keeping state or by letting in only non-SYN packets.

-- 
Lowell Gilbert, embedded/networking software engineer, Boston area
http://be-well.ilk.org:8088/~lowell/
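The following is an added illustration, not code from either poster: a small Python model of the ruleset Lowell describes (default deny, outbound port-80 rule with keep-state, inbound to the local Apache only for a connection setup), walked against the logged packet and against ordinary web traffic. The firewall address, rule numbers and the client addresses are constructed; the logged packet reuses the port and source from the console message. The flags value 0x12 is SYN (0x02) plus ACK (0x10), i.e. a SYN/ACK arriving for a connection the firewall never saw opened, which is why it matches no dynamic rule and falls through to the deny rule.

```python
"""
Toy model of an IPFW ruleset: first match wins, `setup` means SYN set and
ACK clear, `keep-state` records the flow, `check-state` matches packets of
recorded flows. This only models the semantics used in the thread; it is
not ipfw and does not install anything.
"""

SYN, ACK = 0x02, 0x10
FIREWALL_IP = "192.0.2.1"  # constructed stand-in for "<my public ip>"

# The ruleset being modelled, written out in ipfw syntax for reference.
# Rule numbers and the exact wording are this example's own.
IPFW_RULES = [
    "ipfw add 100 check-state",
    f"ipfw add 200 allow tcp from any to {FIREWALL_IP} 80 in setup keep-state",
    "ipfw add 300 allow tcp from any to any out setup keep-state",
    "ipfw add 65000 deny log ip from any to any",
]


def packet(direction, src, sport, dst, dport, flags):
    """Build a minimal TCP packet description (constructed test data)."""
    return {"dir": direction, "src": src, "sport": sport,
            "dst": dst, "dport": dport, "flags": flags}


class Firewall:
    def __init__(self):
        # Dynamic rules created by keep-state, keyed on the unordered
        # endpoint pair so replies in the other direction match too.
        self.state = set()

    @staticmethod
    def flow(pkt):
        return frozenset([(pkt["src"], pkt["sport"]), (pkt["dst"], pkt["dport"])])

    def evaluate(self, pkt):
        """Return the verdict and the rule number that produced it."""
        is_setup = bool(pkt["flags"] & SYN) and not (pkt["flags"] & ACK)

        # 100 check-state: packets belonging to a known flow are accepted.
        if self.flow(pkt) in self.state:
            return "allow", 100

        # 200: inbound to the local web server, but only a bare SYN may
        # open a flow; a stray SYN/ACK or ACK to another port never gets here.
        if (pkt["dir"] == "in" and pkt["dst"] == FIREWALL_IP
                and pkt["dport"] == 80 and is_setup):
            self.state.add(self.flow(pkt))
            return "allow", 200

        # 300: outbound connection setup from the box or NAT'd clients.
        if pkt["dir"] == "out" and is_setup:
            self.state.add(self.flow(pkt))
            return "allow", 300

        # 65000: default deny for everything else (this is what would
        # replace the kernel's log_in_vain message with a firewall log line).
        return "deny", 65000


def run_scenarios():
    """Walk a few packets through the model; returns {name: (verdict, rule)}."""
    fw = Firewall()
    results = {}

    # The packet from the console message: SYN/ACK from port 80, no prior flow.
    results["logged_synack"] = fw.evaluate(
        packet("in", "184.108.40.206", 80, FIREWALL_IP, 20388, SYN | ACK))

    # A NAT'd client browsing out (address already translated to the
    # firewall's public IP), then the server's SYN/ACK coming back.
    results["client_syn_out"] = fw.evaluate(
        packet("out", FIREWALL_IP, 51000, "198.51.100.7", 80, SYN))
    results["client_reply_in"] = fw.evaluate(
        packet("in", "198.51.100.7", 80, FIREWALL_IP, 51000, SYN | ACK))

    # A visitor opening a connection to the local Apache, then its ACK.
    results["apache_syn_in"] = fw.evaluate(
        packet("in", "203.0.113.9", 40000, FIREWALL_IP, 80, SYN))
    results["apache_ack_in"] = fw.evaluate(
        packet("in", "203.0.113.9", 40000, FIREWALL_IP, 80, ACK))
    return results


if __name__ == "__main__":
    for line in IPFW_RULES:
        print(line)
    for name, (verdict, rule) in run_scenarios().items():
        print(f"{name:18s} -> {verdict} (rule {rule})")
```

The two SYN/ACK packets differ only in whether an outbound `setup` packet was seen first: the reply to the NAT'd client matches the dynamic rule created by rule 300, while the logged packet to port 20388 has no such flow and is dropped by the default deny, without touching either the outbound port-80 rule or the inbound rule for Apache.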