RE: IPFirewall again

Sun, 02 Sep 2001 12:15:40 -0700 

try

ftp ftp.host.domain
ftp> passive

should switch passive on or off not sure now.
does it work then?

Sven Huster


> -----Original Message-----
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED]]On Behalf Of Martin Schweizer
> Sent: 02 September, 2001 19:44
> To: [EMAIL PROTECTED]
> Subject: IPFirewall again
>
>
> Hello
>
> If I use the following rules and I can connect via ftp (for example
> ftp.freebsd.org) but after the successful login I can't do "ls". The
> permissons are always denied. Why? Which port need I also?
>
> # DNS (läuft nur über UDP)
> ipfw add allow udp from me to any 53 keep-state
> # SMTP
> ipfw add allow tcp from me to any 25 keep-state
> ipfw add allow udp from me to any 25 keep-state
> # POP3
> ipfw add allow tcp from me to any 110 keep-state
> ipfw add allow udp from me to any 110 keep-state
> # HTTP
> ipfw add allow tcp from me to any 80 keep-state
> ipfw add allow udp from me to any 80 keep-state
> # FTP
> ipfw add allow tcp from any to any 20 keep-state
> ipfw add allow udp from any to any 20 keep-state
> # FTP 2.
> ipfw add allow tcp from any to any 21 keep-state
> ipfw add allow udp from any to any 21 keep-state
> # SSH
> ipfw add allow tcp from me to any 22 keep-state
> ipfw add allow udp from me to any 22 keep-state
> # Telnet
> ipfw add allow tcp from me to any 23 keep-state
> ipfw add allow udp from me to any 23 keep-state
> # Ping / TraceRoute
> ipfw add allow icmp from me to any
> # Whois
> ipfw add allow tcp from me to any 63 keep-state
> ipfw add allow udp from me to any 63 keep-state
> # Gopher
> ipfw add allow tcp from me to any 70 keep-state
> ipfw add allow udp from me to any 70 keep-state
> # Finger
> ipfw add allow tcp from me to any 79 keep-state
> ipfw add allow udp from me to any 79 keep-state
> # NNTP
> ipfw add allow tcp from me to any 119 keep-state
> ipfw add allow udp from me to any 119 keep-state
> # NTP
> ipfw add allow tcp from me to any 123 keep-state
> ipfw add allow udp from me to any 123 keep-state
>
> --
> Regards,
>
> Martin Schweizer
> <[EMAIL PROTECTED]>
>
> PC-Service M. Schweizer; Gewerbehaus Schwarz; CH-8608 Bubikon
> Tel. +41 55 243 30 00; Fax: +41 55 243 33 22; http://www.pc-service.ch
>
> To Unsubscribe: send mail to [EMAIL PROTECTED]
> with "unsubscribe freebsd-stable" in the body of the message
>


To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-stable" in the body of the message

Reply via email to