I'd first comment out all of your 'pass' statements for ppp0. If you can still portscan, something else is wrong. If you're blocked, re-enable a few at a time until you find it. Mindless approach, but amazing what those sometimes turn up.
--- Alex Yeah <[EMAIL PROTECTED]> wrote:
>
> I have a problem with ipfilter and dns (named) and samba in a NetBSD 1.5.3 i386.
>
> The problem is that although I think that ipf.conf rule list below would block the ports 139 and 53 it doesn't. If I portscan my machine from outside it does show that there is samba and dns running in these ports.
>
> It does deny ping and the others, but somehow samba and named seem to somehow "bypass" the firewall.
>
> ## rtk0 = LAN
> ## ppp0 = Internet // PPPoE via ne0
> block in log quick on ppp0 from 127.0.0.1/8 to any
> block in log quick on ppp0 from 192.168.0.0/16 to any
> block in log quick on ppp0 from 172.16.0.0/12 to any
> block in on ppp0 all
> pass in quick on rtk0 all
> pass out quick on rtk0 all
> pass in on rtk0 proto tcp from any to any keep state
> pass in on rtk0 proto udp from any to any keep state
> pass in on rtk0 proto icmp from any to any keep state
> pass out on ppp0 proto tcp from any to any keep state
> pass out on ppp0 proto udp from any to any keep state
> pass out on ppp0 proto icmp from any to any keep state
> pass in on ppp0 proto tcp from any to any port = 20 flags S keep state
> pass in on ppp0 proto tcp from any to any port = 21 flags S keep state
> pass in on ppp0 proto tcp from any to any port = 22 flags S keep state
> pass in on ppp0 proto tcp from any to any port = 80 flags S keep state
> pass in on ppp0 proto tcp from any to any port = 113 flags S keep state
> pass in on ppp0 proto tcp from any to any port = 6665 flags S keep state
> pass in on ppp0 proto tcp from any to any port = 6666 flags S keep state
> pass in on ppp0 proto tcp from any to any port = 6667 flags S keep state
> pass in on ppp0 proto tcp from any to any port = 6969 flags S keep state
> pass in on ppp0 proto tcp from any to any port = 411 flags S keep state
> pass in on ppp0 proto tcp from any to any port = 444 flags S keep state
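
Added example, not part of the original thread and not IPFilter code: a simplified Python model of ipf's "last matching rule wins, `quick` stops evaluation" behaviour, run over the quoted rules to show which rule number decides a given packet. The names `decide` and `without_ppp0_pass` are hypothetical, and the model assumes a default-pass build, ignores the state table, and compares TCP flags as plain strings.

```python
import ipaddress
import re

# Rules as quoted in the post (mail line wraps rejoined), numbered from 1 in file order.
RULES = [
    "block in log quick on ppp0 from 127.0.0.1/8 to any",
    "block in log quick on ppp0 from 192.168.0.0/16 to any",
    "block in log quick on ppp0 from 172.16.0.0/12 to any",
    "block in on ppp0 all",
    "pass in quick on rtk0 all",
    "pass out quick on rtk0 all",
]
RULES += [f"pass in on rtk0 proto {p} from any to any keep state" for p in ("tcp", "udp", "icmp")]
RULES += [f"pass out on ppp0 proto {p} from any to any keep state" for p in ("tcp", "udp", "icmp")]
RULES += [f"pass in on ppp0 proto tcp from any to any port = {n} flags S keep state"
          for n in (20, 21, 22, 80, 113, 6665, 6666, 6667, 6969, 411, 444)]

# Covers only the rule shapes that appear in the post, not the full ipf.conf grammar.
RULE_RE = re.compile(
    r"(?P<act>block|pass) (?P<dir>in|out)(?: log)?(?P<quick> quick)? on (?P<ifc>\S+)"
    r"(?: all|(?: proto (?P<proto>\S+))? from (?P<src>\S+) to any"
    r"(?: port = (?P<port>\d+))?(?: flags (?P<flags>\S+))?(?: keep state)?)")


def decide(rules, direction, ifc, proto, src, dport=None, flags="S"):
    """Return (action, rule_number) for a fresh packet; state-table hits are not modelled."""
    verdict = ("pass", 0)  # assumption: default-pass build; rule 0 means no rule matched
    for num, text in enumerate(rules, 1):
        r = RULE_RE.fullmatch(text).groupdict()
        if (r["dir"], r["ifc"]) != (direction, ifc):
            continue
        if r["proto"] and r["proto"] != proto:
            continue
        if r["src"] not in (None, "any") and \
                ipaddress.ip_address(src) not in ipaddress.ip_network(r["src"], strict=False):
            continue
        if r["port"] and int(r["port"]) != dport:
            continue
        if r["flags"] and r["flags"] != flags:  # simplified: exact flag-string comparison
            continue
        verdict = (r["act"], num)  # last matching rule wins ...
        if r["quick"]:             # ... unless the rule is "quick", which stops evaluation
            break
    return verdict


def without_ppp0_pass(rules):
    """The reply's first test step: drop every 'pass' rule bound to ppp0."""
    return [r for r in rules if not (r.startswith("pass ") and " on ppp0 " in r)]
```

In this model, `decide(RULES, "in", "ppp0", "tcp", "203.0.113.7", 139)` (a constructed source address) returns `("block", 4)`, while the same packet arriving on `rtk0` is passed by rule 5, so the interface the scan actually arrives on determines the verdict.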
