Dear List Members, i trust anyone of you would have experience with Shorewall Firewall. I have the following rule in rule file that is "/etc/shorewall/rules". Traffic is not passing through. ACCEPT net loc:72.211.25.74 udp 123 This rule is working alright. i have problem understanding why udp has problem ACCEPT net loc:72.211.25.74 tcp 25 Thanks / Regards
2012/5/16 Shiv. NK <prabhpal@digital-infotech.net>:> Dear List Members, > > i trust anyone of you would have experience with Shorewall Firewall. I > have the following rule in rule file that is "/etc/shorewall/rules". > Traffic is not passing through. > > ACCEPT ? ? ? ? ?net ? ? loc:72.211.25.74 ? ? ? udp ?123 > > This rule is working alright. i have problem understanding why udp has > problem > ACCEPT ? ? ? ? ?net ? ? loc:72.211.25.74 ? ? ? tcp ?25I don't see this question as related to FreeBSD -STABLE. But maybe you should explicitely accept udp packet returns. Your firewall (which I don't know) surely keeps states of TCP connections and implicitely accepts packets returns. Cheers.> > Thanks / Regards > > > _______________________________________________ > freebsd-stable@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-stable > To unsubscribe, send any mail to "freebsd-stable-unsubscribe@freebsd.org"-- Olivier Smedts? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ?? _ ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ASCII ribbon campaign ( ) e-mail: olivier@gid0.org? ? ? ? - against HTML email & vCards? X www: http://www.gid0.org? ? - against proprietary attachments / \ ? "Il y a seulement 10 sortes de gens dans le monde : ? ceux qui comprennent le binaire, ? et ceux qui ne le comprennent pas."
On Wed, May 16, 2012 at 15:01:14 -0000 , Shiv. NK wrote:> Dear List Members, > > i trust anyone of you would have experience with Shorewall Firewall.I cannot imagine how you came to that conclusion, considering this mailing list is for FreeBSD and Shorewall is a Linux tool. Beyond not understanding the software forming the basis of Shorewall, you evidently also failed to read the Shorewall web site which provides support resources: http://shorewall.net/support.htm . Please pursue those resources, as this is very much not the place. -- Thanks and best regards, Chris Nehren