Re: Problem configuring IPV6 - Kindly help

To: netbsd-users%netbsd.org@localhost
Subject: Re: Problem configuring IPV6 - Kindly help
From: "David Lord" <netbsd%lordynet.org@localhost>
Date: Sat, 16 Mar 2013 02:35:44 -0000

On 16 Mar 2013 at 0:16, Michael David wrote:

> Folks,
> 
> I have a problem with IPFILTER. I have tried many things but am at my wits
> end:-(
> 
> I have a block-by-default setup, .
> 
> I want to allow ALL outgoing traffic on wm0 and only allow ssh and http in
> on wm0
> 
> My rules are as follows:
> *
> pass out quick on any all    *//this I believe will take care of lo0 also*
> 
> pass in quick on wm0 proto tcp from any to any port = 22 keep state
> pass in quick on wm0 proto tcp from any to any port = 80 keep state*
> 
> When I enable the firewall, ALL traffic is completely blocked - in effect I
> am cut off from my server.
> 
> What am I doing wrong? Kindly help.
> 

My rules are:

ipf.conf:
pass out log first quick on vr1 proto tcp from <my_ip> to \
 any port = 22 flags S keep state keep frags
pass in log first quick on vr1 proto tcp from <good_ip> to \
 <my_ip> port = 22 flags S keep state keep frags

sshd_config:
Allowusers myusername anotherusername

hosts.allow:
sshd : <friendly_ip> : allow

Some of my pcs have minimal memory so eg. sshd and ftpd
are started from inetd.


David

References:
- Problem configuring IPV6 - Kindly help
  - From: Michael David
- Re: Problem configuring IPV6 - Kindly help
  - From: Michael David
- Re: Problem configuring IPV6 - Kindly help
  - From: Michael David

Prev by Date: Re: Problem configuring IPV6 - Kindly help
Next by Date: Re: Problem configuring IPV6 - Kindly help
Previous by Thread: Re: Problem configuring IPV6 - Kindly help
Next by Thread: Re: Problem configuring IPV6 - Kindly help
Indexes:

Home | Main Index | Thread Index | Old Index