Hi, all:
I want to block all the traffic except IPsec and FTP traffic. But actually, TCP traffic is not blocked. Can anyone help me with this? Thank you so much.
Topology:
Computer 1<-->Computer 2(with firewall)<-->Computer 3
I am using computer 1 to access the Samba server on computer 3.
My settings for ipfilter firewall:
Code:
pass out quick on em1 all
pass in quick on em1 all
pass in quick on lo0 all
pass out quick on lo0 all
# em0 is the interface connected to computer 3
# FTP
pass out quick on em0 proto tcp from any to any port = 20
pass out quick on em0 proto tcp from any to any port = 21
# IPsec
pass out quick on em0 proto udp from any to any port = ike
pass out quick on em0 proto udp from any to any port = 4500
pass out quick on em0 proto esp from any to any
# routing info, ping
pass out quick on em0 proto udp from any to port = route
pass out quick on em0 proto icmp from any to any
pass out quick on em0 proto igmp from any to any
# default rule
block out quick on em0 all
# to make it simple, pass all for inbound
pass in quick on em0 all
Best Regards,
Max