Re: Firewall blocking natd redirect

2004-02-28 Thread anubis
On Sat, 28 Feb 2004 3:47 am, Derrick Ryalls wrote:
 I have a port redirect, public port 5001 to an internal machine
 port 3389, for Remote Desktop that works well in natd as long as I
 don't fire up my custom firewall:

 00050    234    27286 divert 8668 ip from any to any via sis0
 00100     24     6080 allow ip from any to any via lo0
 00200      0        0 deny ip from any to 127.0.0.0/8
 00300      0        0 deny ip from 127.0.0.0/8 to any
 00400      0        0 check-state
 00500      2      186 allow ip from 192.168.1.1 to 192.168.1.0/24
 00600      4      266 allow ip from 192.168.1.0/24 to 192.168.1.1
 00700     34     3399 allow ip from any to any keep-state in recv dc0
 00800     18     2093 allow ip from any to any keep-state out xmit sis0
 00900      0        0 allow ip from any to any keep-state out xmit dc0
 01000      0        0 allow ip from any to 0.0.0.255:0.0.0.255 in recv dc0
 01100      0        0 allow ip from 192.168.1.1 to any keep-state
 01200      0        0 allow udp from any to any 53 keep-state
 01300      0        0 allow tcp from any to any 53 keep-state
 01400      0        0 allow udp from any to any 25 keep-state
 01500      0        0 allow tcp from any to any 25 keep-state
 01600      0        0 allow tcp from any to any 993 keep-state
 01700    188    18936 allow tcp from any to any 22 keep-state
 01800      0        0 allow tcp from any to any 80 keep-state
 01900      0        0 allow tcp from any to any 5001 keep-state
 65535 173082 56255563 deny ip from any to any


 sis0 is the public interface and dc0 is the internal.

 Right now I don't mind so much having redundant rules, but I would
 like my functionality back without doing an allow from any to any.
 Any ideas on what I am missing?

 ___
 [EMAIL PROTECTED] mailing list
 http://lists.freebsd.org/mailman/listinfo/freebsd-questions
 To unsubscribe, send any mail to
 [EMAIL PROTECTED]


I have a similar problem.  I came across this thread that may be of
assistance in understanding your problem.

http://lists.freebsd.org/pipermail/freebsd-questions/2004-January/032694.html

It appears there may be a problem with stateful rules and port 
forwarding.



Firewall blocking natd redirect

2004-02-27 Thread Derrick Ryalls
I have a port redirect, public port 5001 to an internal machine port 3389,
for Remote Desktop that works well in natd as long as I don't fire up my
custom firewall:

00050    234    27286 divert 8668 ip from any to any via sis0
00100     24     6080 allow ip from any to any via lo0
00200      0        0 deny ip from any to 127.0.0.0/8
00300      0        0 deny ip from 127.0.0.0/8 to any
00400      0        0 check-state
00500      2      186 allow ip from 192.168.1.1 to 192.168.1.0/24
00600      4      266 allow ip from 192.168.1.0/24 to 192.168.1.1
00700     34     3399 allow ip from any to any keep-state in recv dc0
00800     18     2093 allow ip from any to any keep-state out xmit sis0
00900      0        0 allow ip from any to any keep-state out xmit dc0
01000      0        0 allow ip from any to 0.0.0.255:0.0.0.255 in recv dc0
01100      0        0 allow ip from 192.168.1.1 to any keep-state
01200      0        0 allow udp from any to any 53 keep-state
01300      0        0 allow tcp from any to any 53 keep-state
01400      0        0 allow udp from any to any 25 keep-state
01500      0        0 allow tcp from any to any 25 keep-state
01600      0        0 allow tcp from any to any 993 keep-state
01700    188    18936 allow tcp from any to any 22 keep-state
01800      0        0 allow tcp from any to any 80 keep-state
01900      0        0 allow tcp from any to any 5001 keep-state
65535 173082 56255563 deny ip from any to any


sis0 is the public interface and dc0 is the internal.

Right now I don't mind so much having redundant rules, but I would like my
functionality back without doing an allow from any to any.  Any ideas on
what I am missing?

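To see where the redirected packet goes, here is an added Python walk (not code from the thread or from FreeBSD) that evaluates the ruleset above the way ipfw's first-match search does for the first inbound SYN; the public address 198.51.100.10, the client 203.0.113.5 and the redirect target 192.168.1.50:3389 are constructed, since the post names none of them. The point it makes visible is that after rule 00050 hands the packet to natd, the copy that continues down the list is addressed to 192.168.1.50 port 3389, so rule 01900 (port 5001) no longer matches it and the packet reaches 65535.

```python
# Added illustration, not code from the thread: an ipfw-style first-match walk of the
# posted ruleset for the first SYN of a redirected Remote Desktop session. Constructed
# values the post does not give: public address 198.51.100.10 on sis0, redirect 5001 -> 192.168.1.50:3389.
PUBLIC_IP, INTERNAL_HOST = "198.51.100.10", "192.168.1.50"
# Rule tuple: (number, action, proto, src, dst, dst_port, iface_keyword, iface); the post's
# "in recv X" and "out xmit X" options are carried by the keyword alone.
RULES = [(50, "divert", "ip", "any", "any", None, "via", "sis0"),
         (100, "allow", "ip", "any", "any", None, "via", "lo0"),
         (200, "deny", "ip", "any", "127.0.0.0/8", None, None, None),
         (300, "deny", "ip", "127.0.0.0/8", "any", None, None, None),
         (400, "check-state", None, None, None, None, None, None),
         (500, "allow", "ip", "192.168.1.1", "192.168.1.0/24", None, None, None),
         (600, "allow", "ip", "192.168.1.0/24", "192.168.1.1", None, None, None),
         (700, "allow", "ip", "any", "any", None, "recv", "dc0"),
         (800, "allow", "ip", "any", "any", None, "xmit", "sis0"),
         (900, "allow", "ip", "any", "any", None, "xmit", "dc0"),
         (1000, "allow", "ip", "any", "0.0.0.255:0.0.0.255", None, "recv", "dc0"),
         (1100, "allow", "ip", "192.168.1.1", "any", None, None, None)]
RULES += [(n, "allow", proto, "any", "any", port, None, None) for n, proto, port in
          [(1200, "udp", 53), (1300, "tcp", 53), (1400, "udp", 25), (1500, "tcp", 25),
           (1600, "tcp", 993), (1700, "tcp", 22), (1800, "tcp", 80), (1900, "tcp", 5001)]]
RULES.append((65535, "deny", "ip", "any", "any", None, None, None))

def ip2int(a):
    return int.from_bytes(bytes(int(o) for o in a.split(".")), "big")

def addr_match(ip, spec):            # ipfw address forms used above: any | host | net/bits | addr:mask
    net, sep, m = spec.replace("any", "0.0.0.0/0").partition(":" if ":" in spec else "/")
    mask = ip2int(m) if sep == ":" else (0xFFFFFFFF << (32 - int(m or 32))) & 0xFFFFFFFF
    return ip2int(ip) & mask == ip2int(net) & mask

def matches(rule, p):
    _, action, proto, src, dst, dport, kw, iface = rule
    if action == "check-state":      # first packet of a flow: no dynamic rule exists yet, so a miss
        return False
    want_dir = {"recv": "in", "xmit": "out"}.get(kw, p["dir"])
    return ((proto == "ip" or proto == p["proto"]) and (dport is None or dport == p["dport"])
            and (kw is None or iface == p["iface"]) and want_dir == p["dir"]
            and addr_match(p["src"], src) and addr_match(p["dst"], dst))

def walk(rules, p):
    """First-match search. A divert hit hands the packet to natd, which rewrites a
    redirected destination; matching then resumes at the next rule with that packet."""
    for rule in rules:
        if matches(rule, p) and rule[1] != "divert":
            return rule[1], rule[0]  # (action, rule number); the RDP SYN ends at ("deny", 65535)
        if matches(rule, p) and (p["dst"], p["dport"]) == (PUBLIC_IP, 5001):
            p = dict(p, dst=INTERNAL_HOST, dport=3389)
# Constructed inbound SYN from an Internet client to the public Remote Desktop port.
RDP_SYN = dict(proto="tcp", src="203.0.113.5", dst=PUBLIC_IP, dport=5001, dir="in", iface="sis0")
```

Run walk(RULES, RDP_SYN) to get ("deny", 65535); a rule scoped to the translated packet (tcp to 192.168.1.50 port 3389, in recv sis0, an assumption used for checking, not a rule from the post) placed before 65535 is the narrowest allow the walk can hit without an allow from any to any.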