Hi!
I am new to ipfiter. I have a server (FreeBSD 5.5)in DMZ and I have
configured ipfilter (3.4.35) on this server for firewall. Incoming access
is filtered as it suppose but outging access from the server is completely
blocked; I can't use fetchmail, nor connect to remote smtp server, etc.
Here are my rules:
--------------
# ping
pass in quick proto icmp from 192.168.10.0/24 to <thishost> icmp-type echo
# ftp
pass in quick proto tcp from any to <thishost> port = 21 flags S keep state
# ssh
pass in quick proto tcp from 192.168.10.0/24 to <thishost> port = 22 flags
S keep state
# smtp
pass in quick proto tcp from any to <thishost> port = 25 flags S keep state
# http
pass in quick proto tcp from any to <thishost> port = 80 flags S keep state
# pop3
pass in quick proto tcp from any to <thishost> port = 110 flags S keep state
block return-rst in quick proto tcp from any to any port = 113
# ntp
pass in quick proto udp from 192.168.10.0/24 to <thishost> port = 123
# samba
pass in quick proto udp from 192.168.10.0/24 to <thishost> port 137 <> 138
# samba
pass in quick proto tcp from 192.168.10.0/24 to <thishost> port = 139 flags
S keep state
# imap
pass in quick proto tcp from any to <thishost> port = 143 flags S keep state
# https
pass in quick proto tcp from any to <thishost> port = 443 flags S keep state
# samba
pass in quick proto tcp from 192.168.10.0/24 to <thishost> port = 445 flags
S keep state
# smtps
pass in quick proto tcp from any to <thishost> port = 465 flags S keep state
# sma
pass in quick proto tcp from any to <thishost> port = 587 flags S keep state
# pop3s
pass in quick proto tcp from any to <thishost> port = 993 flags S keep state
# imaps
pass in quick proto tcp from any to <thishost> port = 995 flags S keep state
# webmin
pass in quick proto tcp from 192.168.10.0/24 to <thishost> port = 10000
flags S keep state
pass out quick from <thishost> to any
# lo
pass in quick on lo0 all
# Block everything else
block in quick on fxp0 from any to <thishost>
---------------
What am I missing here?
Regards,
--
Sasa Stupar
