I have a problem with ipfilter, DNS (named) and Samba on NetBSD 1.5.3 i386.
The problem is that although I think the ipf.conf rule list below would block ports 139 and 53, it doesn't. If I portscan my machine from outside, it shows that Samba and DNS are running on these ports.
It does deny ping and the others, but Samba and named seem to somehow "bypass" the firewall.
## rtk0 = LAN
## ppp0 = Internet // PPPoE via ne0
block in log quick on ppp0 from 127.0.0.1/8 to any
block in log quick on ppp0 from 192.168.0.0/16 to any
block in log quick on ppp0 from 172.16.0.0/12 to any
block in on ppp0 all
pass in quick on rtk0 all
pass out quick on rtk0 all
pass in on rtk0 proto tcp from any to any keep state
pass in on rtk0 proto udp from any to any keep state
pass in on rtk0 proto icmp from any to any keep state
pass out on ppp0 proto tcp from any to any keep state
pass out on ppp0 proto udp from any to any keep state
pass out on ppp0 proto icmp from any to any keep state
pass in on ppp0 proto tcp from any to any port = 20 flags S keep state
pass in on ppp0 proto tcp from any to any port = 21 flags S keep state
pass in on ppp0 proto tcp from any to any port = 22 flags S keep state
pass in on ppp0 proto tcp from any to any port = 80 flags S keep state
pass in on ppp0 proto tcp from any to any port = 113 flags S keep state
pass in on ppp0 proto tcp from any to any port = 6665 flags S keep state
pass in on ppp0 proto tcp from any to any port = 6666 flags S keep state
pass in on ppp0 proto tcp from any to any port = 6667 flags S keep state
pass in on ppp0 proto tcp from any to any port = 6969 flags S keep state
pass in on ppp0 proto tcp from any to any port = 411 flags S keep state
pass in on ppp0 proto tcp from any to any port = 444 flags S keep state
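How ipf's "last matching rule wins, unless `quick`" evaluation treats the rule list in the post, as an added example that is not part of the original message. It is a stateless Python model: the function names and the 203.0.113.10 test source are constructed for this example, and it assumes a new packet with no state-table entry (TCP packets are taken to be SYNs, so `flags S` is not modelled).

```python
import ipaddress

# Rule list from the post; the repeated "keep state" lines are generated in the posted order.
RULES = [
    "block in log quick on ppp0 from 127.0.0.1/8 to any",
    "block in log quick on ppp0 from 192.168.0.0/16 to any",
    "block in log quick on ppp0 from 172.16.0.0/12 to any",
    "block in on ppp0 all",
    "pass in quick on rtk0 all",
    "pass out quick on rtk0 all",
]
RULES += [f"pass {d} on {i} proto {p} from any to any keep state"
          for d, i in (("in", "rtk0"), ("out", "ppp0")) for p in ("tcp", "udp", "icmp")]
RULES += [f"pass in on ppp0 proto tcp from any to any port = {n} flags S keep state"
          for n in (20, 21, 22, 80, 113, 6665, 6666, 6667, 6969, 411, 444)]

def parse(rule):
    """Pull out only the fields this rule list uses (assumption: no other ipf syntax)."""
    t = rule.split()
    r = {"text": rule, "action": t[0], "dir": t[1], "quick": "quick" in t,
         "iface": t[t.index("on") + 1], "proto": None, "src": None, "port": None}
    if "proto" in t:
        r["proto"] = t[t.index("proto") + 1]
    if "from" in t and t[t.index("from") + 1] != "any":
        r["src"] = ipaddress.ip_network(t[t.index("from") + 1], strict=False)
    if "port" in t:
        r["port"] = int(t[t.index("port") + 2])  # tokens: "port", "=", "<n>"
    return r

def verdict(direction, iface, proto, src, dport=None):
    """Return (action, deciding rule) for a new packet with no existing state."""
    result = ("pass", None)  # ipf passes unmatched packets unless built to default-block
    for r in map(parse, RULES):
        if r["dir"] != direction or r["iface"] != iface:
            continue
        if r["proto"] and r["proto"] != proto:
            continue
        if r["src"] and ipaddress.ip_address(src) not in r["src"]:
            continue
        if r["port"] is not None and r["port"] != dport:
            continue
        result = (r["action"], r["text"])  # last match wins...
        if r["quick"]:
            break                          # ...unless the rule is "quick"
    return result

if __name__ == "__main__":
    for proto, port in (("tcp", 139), ("udp", 53), ("tcp", 22)):
        print(proto, port, verdict("in", "ppp0", proto, "203.0.113.10", port))
```

In this model an inbound TCP SYN to port 139 or a UDP packet to port 53 on ppp0 is decided by `block in on ppp0 all`, while the same packets arriving on rtk0 are passed by `pass in quick on rtk0 all`.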
