#1
Port Forwarding
I created a rule in /etc/ipnat.rules:
Quote:
I also created a rule in /etc/ipfw.rules:
Quote:
When I NMAP myself from another location, it tells me that the port is filtered and not open. What do I have to do in order to have the ports fully opened?
__________________
John5788 EMail: john5788@x5788.net URL: http://www.x5788.net AIM: John57881, John57883 ICQ: 74077537 MSN: John@5788.zzn.com YIM: John5788
#2
Hi John!
This could be another rule blocking it above the one you posted. Can you please post the output of "ipfw list"?

Give us a little bit more info about your setup (hardware). Is the rl0 directly connected to the internet? Or is there another cable "modem" (=second router) in between maybe?

M.

(I assume you did reload the ipfw rules or reboot after changing the rules)
__________________
-- Manuel Hirsch - Linux, FreeBSD, programming, administration articles, tutorials and more.
#3
I've been playing around with the settings for a while, so my new rules are a bit different, but it still doesn't work.
Code:
<18:08:39> [john5788@nexus] /home/john5788 (101): ipfw list
00300 allow tcp from 198.6.1.3 53 to any in recv rl0
00301 allow tcp from 198.6.1.4 53 to any in recv rl0
00302 allow tcp from 198.6.100.98 53 to any in recv rl0
00303 allow tcp from 66.51.205.100 53 to any in recv rl0
00304 allow tcp from 66.51.206.100 53 to any in recv rl0
00305 allow tcp from any to 10.10.10.70 dst-port 7845 in recv rl0
65535 allow ip from any to any

My machine behind my BSD router is 10.10.10.70. rl0 is connected to my DSL modem and rl1 is connected to a switch that serves 1 other computer. All I did was just type in
Code:
ipfw add 00305 allow tcp from any to 10.10.10.70 7845 in recv rl0

in my ssh, and that should have made changes to the rules without a need for reboot, right?
#4
|
||||
|
||||
|
Quote:
Right.
Quote:
fwd, not allow. Right?

Hmmm. What does your kernel tell you about ipfw when booting (or when loading the ipfw module)? Something similar to "rule based forwarding enabled, divert enabled, default to deny". Please post this line too.

Also, how are you connected to the DSL modem? E.g. I am using PPPoE; in this case, you have to apply the rules to tun0 instead.

M.
#5
|
||||
|
||||
|
Umm.. no, I had ipfw add 00305 allow...
Code:
ipfw2 initialized, divert enabled, rule-based forwarding enabled, default to accept, logging limited to 10 packets/entry by default
IP Filter: v3.4.31 initialized. Default = pass all, Logging = disabled

I'm assuming that's what you wanted. I have a static DSL line, so I just manually input the DSL IP information.
#6
|
|||
|
|||
|
The problem must be somewhere else.

Your kernel is compiled to default to "allow", so there should not be a single port filtered unless you put a "65535 deny all from any to any" at the end.

For debugging ipfw rules, use this syntax:
ipfw add 65535 log deny all from any to any

Then the denied packets (at least the first 10 in your kernel configuration) will show up in /var/log/secure.

M.

(I PM'd you)
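
Added example, not part of any post in the thread: a first-match walk over the `ipfw list` output from #3, showing which rule terminates the search for a given inbound packet and that no rule in that list denies anything, which is the reasoning in #6. It parses only the rule syntax that appears in the thread; the two sample packets and their source and public destination addresses are constructed.

```python
import re

# `ipfw list` output as posted in #3.
RULES = """\
00300 allow tcp from 198.6.1.3 53 to any in recv rl0
00301 allow tcp from 198.6.1.4 53 to any in recv rl0
00302 allow tcp from 198.6.100.98 53 to any in recv rl0
00303 allow tcp from 66.51.205.100 53 to any in recv rl0
00304 allow tcp from 66.51.206.100 53 to any in recv rl0
00305 allow tcp from any to 10.10.10.70 dst-port 7845 in recv rl0
65535 allow ip from any to any
"""

RULE_RE = re.compile(
    r"^(?P<num>\d+) (?P<action>allow|deny) (?P<proto>\w+) from (?P<src>\S+)"
    r"(?: (?P<sport>\d+))? to (?P<dst>\S+)(?: dst-port (?P<dport>\d+))?"
    r"(?: (?P<dir>in|out))?(?: recv (?P<iface>\S+))?$")
FIELDS = ("proto", "src", "sport", "dst", "dport", "dir", "iface")

def parse(text):
    """Parse the subset of ipfw rule syntax seen in the thread, ordered by rule number."""
    rules = []
    for line in text.splitlines():
        m = RULE_RE.match(line.strip())
        if not m:
            raise ValueError(f"unsupported rule: {line!r}")
        rules.append(m.groupdict())
    return sorted(rules, key=lambda r: int(r["num"]))

def _ok(want, got):
    # An absent option, or the keywords 'any' / 'ip', match every packet.
    return want in (None, "any", "ip") or want == str(got)

def first_match(rules, pkt):
    """Return (rule number, action) of the first rule matching pkt; allow/deny end the search."""
    for r in rules:
        if all(_ok(r[k], pkt[k]) for k in FIELDS):
            return int(r["num"]), r["action"]
    return None

# Constructed packets: an inbound TCP connection to port 7845 arriving on rl0,
# once addressed to the LAN host and once to a made-up public address.
TO_LAN_HOST = dict(proto="tcp", src="203.0.113.9", sport=40000,
                   dst="10.10.10.70", dport=7845, dir="in", iface="rl0")
TO_OTHER_ADDR = dict(TO_LAN_HOST, dst="198.51.100.20")

if __name__ == "__main__":
    for pkt in (TO_LAN_HOST, TO_OTHER_ADDR):
        print(pkt["dst"], "->", first_match(parse(RULES), pkt))
```

Both packets end on an `allow`, so this ipfw ruleset alone does not account for a port that nmap reports as filtered.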