if you carefully read this log line.
28/06/2005 15:59:23.743138 vr0 @0:28 b 201.238.78.59,4550 -> 192.168.1.1,60271 PR tcp len 20 40 -AF IN

what it is saying, 201.238.78.59 on port 4550 wants to make a connection INTO my network. now it is making this connection because one of my LAN users is accessing that address.
eg, a LAN user types http://201.238.78.59:1080 [webcam port]
opens up the live view in the webcam. and in response to that, the webcam sends data/packets back to my LAN using the webcam data port instead. [4550]


From: "fbsd_user" <[EMAIL PROTECTED]>
Reply-To: <[EMAIL PROTECTED]>
To: "Stephan Weaver" <[EMAIL PROTECTED]>
Subject: RE: IPF Logging packets Every 2-10 Seconds.
Date: Tue, 28 Jun 2005 16:40:48 -0400

When you list the incore rules is rule number 28 the block all rule
marking the end of the inbound section of your rules file?

If yes, then you need to add a new pass in rule to allow port 4550
in.
Then the remote system will be able to access your webcam server on
the firewall box.

The short explanation about what you are doing makes all the
difference in the kind of answer you get back.  Should have said
that a long time ago.  This is a different question than what the
email subject says.

-----Original Message-----
From: Stephan Weaver [mailto:[EMAIL PROTECTED]
Sent: Tuesday, June 28, 2005 4:06 PM
To: [EMAIL PROTECTED]
Subject: RE: IPF Logging packets Every 2-10 Seconds.


I Do understand what you are saying, but I BELIEVE my ruleset is in
the wrong order or something is WRONG.
look at this LOG for example
28/06/2005 15:59:23.743138 vr0 @0:28 b 201.238.78.59,4550 -> 192.168.1.1,60271 PR tcp len 20 40 -AF IN
28/06/2005 15:59:23.823647 vr0 @0:28 b 201.238.78.59,4550 -> 192.168.1.1,60272 PR tcp len 20 40 -AF IN
28/06/2005 15:59:24.283051 vr0 @0:28 b 201.238.78.59,4550 -> 192.168.1.1,60273 PR tcp len 20 40 -AF IN
28/06/2005 15:59:24.283423 vr0 @0:28 b 201.238.78.59,4550 -> 192.168.1.1,60269 PR tcp len 20 40 -AF IN
28/06/2005 15:59:24.687274 vr0 @0:28 b 201.238.78.59,4550 -> 192.168.1.1,60271 PR tcp len 20 40 -AF IN
28/06/2005 15:59:24.865697 vr0 @0:28 b 201.238.78.59,4550 -> 192.168.1.1,60273 PR tcp len 20 40 -AF IN



right,
now 201.238.78.59 is MY OTHER REMOTE server!
and my WEBCAM software runs on port 4550.
now that is being logged because, one of my lan users,
is accessing 201.238.78.59:4550 via a webpage. but it shows in the
logs.
something is WRONG.
I know what you are saying, but listen to what I am saying....




_______________________________________________
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
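
The following is an added example, not part of the thread or of IPFilter itself: a small parser for ipmon lines in the format quoted above, grouping them by matching rule, action, source port and TCP flag class so the flags on each blocked packet are visible next to the rule that blocked it. The function names (`parse`, `kind`, `summarize`) are hypothetical, and the sample input is the thread's own log lines unwrapped to one per line.

```python
import re
from collections import Counter

# Constructed sample: the log lines quoted in the thread, one per line.
SAMPLE = """\
28/06/2005 15:59:23.743138 vr0 @0:28 b 201.238.78.59,4550 -> 192.168.1.1,60271 PR tcp len 20 40 -AF IN
28/06/2005 15:59:23.823647 vr0 @0:28 b 201.238.78.59,4550 -> 192.168.1.1,60272 PR tcp len 20 40 -AF IN
28/06/2005 15:59:24.283051 vr0 @0:28 b 201.238.78.59,4550 -> 192.168.1.1,60273 PR tcp len 20 40 -AF IN
28/06/2005 15:59:24.283423 vr0 @0:28 b 201.238.78.59,4550 -> 192.168.1.1,60269 PR tcp len 20 40 -AF IN
28/06/2005 15:59:24.687274 vr0 @0:28 b 201.238.78.59,4550 -> 192.168.1.1,60271 PR tcp len 20 40 -AF IN
28/06/2005 15:59:24.865697 vr0 @0:28 b 201.238.78.59,4550 -> 192.168.1.1,60273 PR tcp len 20 40 -AF IN
"""

# date time iface @group:rule action src,sport -> dst,dport PR proto len hlen plen -FLAGS dir
LINE = re.compile(
    r"(?P<date>\S+) (?P<time>\S+) (?P<iface>\S+) @(?P<group>\d+):(?P<rule>\d+) "
    r"(?P<action>\S+) (?P<src>[\d.]+),(?P<sport>\d+) -> (?P<dst>[\d.]+),(?P<dport>\d+) "
    r"PR (?P<proto>\S+) len (?P<hlen>\d+) (?P<plen>\d+)(?: -(?P<flags>[A-Z]+))? (?P<dir>IN|OUT)"
)
INT_FIELDS = ("group", "rule", "sport", "dport", "hlen", "plen")

def parse(line):
    # Return a dict of fields for one ipmon line, or None if it does not match.
    m = LINE.match(line.strip())
    if m is None:
        return None
    rec = m.groupdict()
    for k in INT_FIELDS:
        rec[k] = int(rec[k])
    rec["flags"] = set(rec["flags"] or "")  # e.g. "AF" -> {"A", "F"} (ACK, FIN)
    return rec

def kind(rec):
    # Classify a TCP packet by its flags: S=SYN, A=ACK, F=FIN, R=RST.
    if rec["proto"] != "tcp":
        return "non-tcp"
    f = rec["flags"]
    if "S" in f and "A" not in f:
        return "new-connection"   # bare SYN: a connection attempt
    if "F" in f or "R" in f:
        return "teardown"         # FIN or RST: closing an existing flow
    return "mid-stream"

def summarize(text):
    # Count packets per (rule, action, source port, flag class).
    counts = Counter()
    for rec in filter(None, map(parse, text.splitlines())):
        counts[(rec["rule"], rec["action"], rec["sport"], kind(rec))] += 1
    return counts
```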
