[geeks] IPF

vance at neurotica.com vance at neurotica.com
Thu Sep 11 01:26:30 CDT 2003


On Wed, 10 Sep 2003, Mike Hebel wrote:

> > > > rdr ppp0 0/32 port 8080 -> 10.0.69.5 port 23 tcp/udp
> > > > rdr ppp0 0/32 port 8081 -> 10.0.69.5 port 21 tcp/udp
> > > >
> > > > How come I can't telnet into 10.0.69.5?
> > >
> > > If FTP works, I'd say that perhaps $ISP has port 8080 blocked, in
> > > case you might be running a poorly-configured web proxy on that
> > > port.
> >
> > I tried it on port 6601 too.  It still said "Connection Refused".
>
> BTDT - You need to not only forward the ports but pass them explicitly
> IN in the ipf.rules file.

I have another, related question.  My firewall unfortunately has a dynamic
IP address right now.  How do I tell ipf (in ipf.rules) to allow access to
the outside from that IP address without allowing access for the entire IP
block, which may contain people who wouldn't mind waltzing around my
system messing with stuff?  Does something like the following work?

pass	out	quick	on	ppp0	from	0/32	to	any

Peace...  Sridhar
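
The advice quoted above (forward the port with rdr and also pass it in ipf.rules) can be checked mechanically. The following is an added example, not part of the original message: a small Python check that lists rdr targets with no matching `pass in` rule. It matches the translated destination, since ipf filters inbound packets after ipnat has rewritten them. The ipf.rules content is constructed, and the matcher is deliberately simplified to `from any to <host> port = <n>` rules.

```python
import re

# Constructed sample input: the two rdr lines quoted in the thread, plus a
# hypothetical ipf.rules that passes only the FTP target.
IPNAT_RULES = """\
rdr ppp0 0/32 port 8080 -> 10.0.69.5 port 23 tcp/udp
rdr ppp0 0/32 port 8081 -> 10.0.69.5 port 21 tcp/udp
"""
IPF_RULES = """\
pass in quick on ppp0 proto tcp from any to 10.0.69.5/32 port = 21 flags S keep state
block in on ppp0 all
"""

# Simplified patterns (assumption): one rule per line, exact host, "port = N".
RDR = re.compile(r"^rdr\s+(\S+)\s+\S+\s+port\s+(\d+)\s+->\s+(\S+)\s+port\s+(\d+)\s+(\S+)")
PASS_IN = re.compile(r"^pass\s+in\s+(?:quick\s+)?on\s+(\S+)\s+proto\s+(\S+)"
                     r"\s+from\s+any\s+to\s+([\d.]+)(?:/32)?\s+port\s*=\s*(\d+)")

def parse_rdr(text):
    """Return (iface, proto, inside_host, inside_port, outside_port) per protocol."""
    out = []
    for line in text.splitlines():
        m = RDR.match(line.strip())
        if m:
            iface, ext_port, host, port, protos = m.groups()
            for proto in protos.split("/"):
                out.append((iface, proto, host, int(port), int(ext_port)))
    return out

def parse_pass_in(text):
    """Return the set of (iface, proto, host, port) explicitly passed inbound."""
    allowed = set()
    for line in text.splitlines():
        m = PASS_IN.match(line.strip())
        if m:
            iface, protos, host, port = m.groups()
            for proto in protos.split("/"):
                allowed.add((iface, proto, host, int(port)))
    return allowed

def unpassed_redirects(ipnat_text, ipf_text):
    """Redirects whose translated destination has no matching 'pass in' rule."""
    allowed = parse_pass_in(ipf_text)
    return [r for r in parse_rdr(ipnat_text) if r[:4] not in allowed]

if __name__ == "__main__":
    for iface, proto, host, port, ext in unpassed_redirects(IPNAT_RULES, IPF_RULES):
        print(f"{iface}: outside port {ext}/{proto} -> {host}:{port} has no 'pass in'")
```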


