Re: TCPmux
31.05.2013 14:10, Stefan Desancic: Hi, Thank you for your very speedy response. Also Attached is the config file. Kind Regards Stefan # Section: Interfaces public_if19="em0" private_if18="em1" mgmt_if="em1" # End: Interfaces # Section: Ports Management = "{22,}" ikeports = "{500,4500}" # End: Ports # Section: Address Table table {192.168.50.250} table {192.168.50.1} table {10.0.0.1} table {10.0.0.2} table {192.168.50.250} table {192.168.100.0/24} table {192.168.50.0/24} table {192.168.50.250} # End: Address Table # Section: Options set ruleset-optimization none set block-policy return set skip on lo # End: Options # Section: Scrubbing scrub in all # End: Scrubbing # Section: Anti Spoofing antispoof quick for {$public_if19, $private_if18} inet # End: Anti Spoofing # Section: Firewall Rules # Section: System Rules block in from any to any label RuleId[111] pass out from any to any label RuleId[112] # End: System Rules # Section: VPN LPN access Rules pass from {} to {} tagged vpn label RuleId[140] pass from {} to {} label RuleId[141] # End: VPN LPN access Rules # Section: User Rules # block from any to any no state label RuleId[149] # pass in from {} to {} label RuleId[151] # pass in from {} to {} label RuleId[152] pass from any to any label RuleId[157] # End: User Rules # Section: IPsec Rules pass in on $mgmt_if proto {udp} from {} to {} port $ikeports label RuleId[117] pass in on $mgmt_if proto {esp} from {} to {} label RuleId[118] pass in on $mgmt_if proto {ipencap} from {} to {} tag management label RuleId[119] pass proto {udp} from {} to {} port $ikeports label RuleId[131] pass proto {udp} from {} to {} port $ikeports label RuleId[132] pass proto {esp} from {} to {} label RuleId[133] pass proto {esp} from {} to {} label RuleId[134] pass in on $public_if19 proto {udp} from {} to {} port $ikeports label RuleId[135] pass out on $public_if19 proto {udp} from {} to {} port $ikeports label RuleId[136] pass in on $public_if19 proto {esp} from {} to {} label RuleId[137] pass out on $public_if19 proto {esp} from {} to {} label RuleId[138] pass in on $public_if19 proto {ipencap} from {} to {} tag vpn label RuleId[139] # End: IPsec Rules # Section: Management Rules pass in on $mgmt_if proto {tcp} from {} to {} port $Management tagged management label RuleId[120] # End: Management Rules # End: Firewall Rules I'm missing a rule which would pass tcp connections to port 1 on any interface. However I can see a pass all rule. Remote connections should be enabled. How your tcpmux server is configured? Can you show the output of `sockstat | grep ':1 '`? Good Morning, Is there a flag or a setting in the PF firewall in FreeBSD that you can set to allow TCPmux traffic to flow through it? The pass all rule doesn't seem to work, however if I disable PF completely then the TCPmux traffic flow through. I have no problems with tcpmux and pf. Can you show your config? On my machines tcpmux is served from inetd on default port (1). -- Sphinx of black quartz, judge my vow. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
RE: TCPmux
Hi, Thank you for your very speedy response. Also Attached is the config file. Kind Regards Stefan # Section: Interfaces public_if19="em0" private_if18="em1" mgmt_if="em1" # End: Interfaces # Section: Ports Management = "{22,}" ikeports = "{500,4500}" # End: Ports # Section: Address Table table {192.168.50.250} table {192.168.50.1} table {10.0.0.1} table {10.0.0.2} table {192.168.50.250} table {192.168.100.0/24} table {192.168.50.0/24} table {192.168.50.250} # End: Address Table # Section: Options set ruleset-optimization none set block-policy return set skip on lo # End: Options # Section: Scrubbing scrub in all # End: Scrubbing # Section: Anti Spoofing antispoof quick for {$public_if19, $private_if18} inet # End: Anti Spoofing # Section: Firewall Rules # Section: System Rules block in from any to any label RuleId[111] pass out from any to any label RuleId[112] # End: System Rules # Section: VPN LPN access Rules pass from {} to {} tagged vpn label RuleId[140] pass from {} to {} label RuleId[141] # End: VPN LPN access Rules # Section: User Rules # block from any to any no state label RuleId[149] # pass in from {} to {} label RuleId[151] # pass in from {} to {} label RuleId[152] pass from any to any label RuleId[157] # End: User Rules # Section: IPsec Rules pass in on $mgmt_if proto {udp} from {} to {} port $ikeports label RuleId[117] pass in on $mgmt_if proto {esp} from {} to {} label RuleId[118] pass in on $mgmt_if proto {ipencap} from {} to {} tag management label RuleId[119] pass proto {udp} from {} to {} port $ikeports label RuleId[131] pass proto {udp} from {} to {} port $ikeports label RuleId[132] pass proto {esp} from {} to {} label RuleId[133] pass proto {esp} from {} to {} label RuleId[134] pass in on $public_if19 proto {udp} from {} to {} port $ikeports label RuleId[135] pass out on $public_if19 proto {udp} from {} to {} port $ikeports label RuleId[136] pass in on $public_if19 proto {esp} from {} to {} label RuleId[137] pass out on $public_if19 proto {esp} from {} to {} label RuleId[138] pass in on $public_if19 proto {ipencap} from {} to {} tag vpn label RuleId[139] # End: IPsec Rules # Section: Management Rules pass in on $mgmt_if proto {tcp} from {} to {} port $Management tagged management label RuleId[120] # End: Management Rules # End: Firewall Rules -Original Message- From: Volodymyr Kostyrko [mailto:c.kw...@gmail.com] Sent: 31 May 2013 10:32 AM To: Stefan Desancic; questi...@freebsd.org Subject: Re: TCPmux 31.05.2013 10:29, Stefan Desancic: > Good Morning, > > Is there a flag or a setting in the PF firewall in FreeBSD that you can set > to allow TCPmux traffic to flow through it? The pass all rule doesn't seem to > work, however if I disable PF completely then the TCPmux traffic flow through. I have no problems with tcpmux and pf. Can you show your config? On my machines tcpmux is served from inetd on default port (1). -- Sphinx of black quartz, judge my vow. Important Notice: This e-mail and its contents are subject to the Nanoteq (Pty) Ltd e-mail legal notice available at: http://www.nanoteq.com/AboutUs/EmailDisclaimer.aspx pf.conf Description: pf.conf ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
Re: TCPmux
31.05.2013 10:29, Stefan Desancic: Good Morning, Is there a flag or a setting in the PF firewall in FreeBSD that you can set to allow TCPmux traffic to flow through it? The pass all rule doesn't seem to work, however if I disable PF completely then the TCPmux traffic flow through. I have no problems with tcpmux and pf. Can you show your config? On my machines tcpmux is served from inetd on default port (1). -- Sphinx of black quartz, judge my vow. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"
TCPmux
Good Morning, Is there a flag or a setting in the PF firewall in FreeBSD that you can set to allow TCPmux traffic to flow through it? The pass all rule doesn't seem to work, however if I disable PF completely then the TCPmux traffic flow through. Kind Regards Important Notice: This e-mail and its contents are subject to the Nanoteq (Pty) Ltd e-mail legal notice available at: http://www.nanoteq.com/AboutUs/EmailDisclaimer.aspx ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"