FreeBSD 7.0 ipfilter firewall problem

Hi, all:

I want to block all traffic except IPsec and FTP traffic. But actually, TCP traffic is not blocked. Can anyone help me with this? Thank you so much.

Topology:
Computer 1<-->Computer 2(with firewall)<-->Computer 3
I am using computer 1 to access the Samba server on computer 3.

My settings for ipfilter firewall:
Code:
pass out quick on em1 all
pass in quick on em1 all
pass in quick on lo0 all
pass out quick on lo0 all

# em0 is the interface connected to computer 3

# FTP
pass out quick on em0 proto tcp from any to any port = 20
pass out quick on em0 proto tcp from any to any port = 21

# IPsec
pass out quick on em0 proto udp from any to any port = ike
pass out quick on em0 proto udp from any to any port = 4500
pass out quick on em0 proto esp from any to any

# routing info, ping
pass out quick on em0 proto udp from any to port = route
pass out quick on em0 proto icmp from any to any 
pass out quick on em0 proto igmp from any to any

# default rule
block out quick on em0 all


# to make it simple, pass all for inbound
pass in quick on em0 all

Best Regards,
Max
 
Start by putting in as the first rule:
Code:
block all

Then open the bits you need.
 
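The advice in the reply above relies on ipf's evaluation order: rules are read top to bottom and the last matching rule decides, unless a matching rule carries `quick`, which ends evaluation at once. The Python sketch below is an added example, not part of the thread and not ipfilter code; it models that order for a small constructed ruleset written with explicit `in`/`out` directions. The supported rule subset, the numeric ports and the `parse`/`decide` helpers are assumptions made for the illustration.

```python
import re

# Constructed ruleset in ipf.conf syntax (subset: action, direction, quick,
# interface, protocol, numeric destination port). Not the poster's ruleset.
DEFAULT_DENY = """
block in all
block out all
pass in quick on em1 all
pass out quick on em0 proto tcp from any to any port = 21   # FTP control
pass out quick on em0 proto udp from any to any port = 500  # IKE
pass out quick on em0 proto esp from any to any
"""
# Same rules, but the default block carries "quick" and so ends evaluation.
QUICK_FIRST = DEFAULT_DENY.replace("block out all", "block out quick all")

RULE = re.compile(
    r"(?P<action>pass|block) (?P<dir>in|out)(?P<quick> quick)?"
    r"(?: on (?P<ifc>\S+))?(?: proto (?P<proto>\S+))?"
    r" (?:all|from any to any(?: port = (?P<port>\d+))?)$")

def parse(text):
    """Parse the supported rule subset into dicts; reject anything else."""
    rules = []
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()
        if line:
            m = RULE.match(line)
            if m is None:
                raise ValueError(f"unsupported rule: {line}")
            rules.append(m.groupdict())
    return rules

def decide(rules, direction, ifc, proto, port=None):
    """Return (action, index of deciding rule). No match means pass,
    ipf's default unless the kernel is built with IPFILTER_DEFAULT_BLOCK."""
    verdict = ("pass", None)
    for i, r in enumerate(rules):
        if r["dir"] != direction or (r["ifc"] and r["ifc"] != ifc):
            continue
        if r["proto"] and r["proto"] != proto:
            continue
        if r["port"] and int(r["port"]) != port:
            continue
        verdict = (r["action"], i)   # last match wins ...
        if r["quick"]:               # ... unless the rule is "quick"
            break
    return verdict

if __name__ == "__main__":
    for name, text in (("default deny", DEFAULT_DENY), ("quick first", QUICK_FIRST)):
        for pkt in (("out", "em0", "tcp", 445), ("out", "em0", "tcp", 21)):
            print(name, pkt, decide(parse(text), *pkt))
```

With the non-`quick` block rules first, SMB (tcp/445) leaving em0 is decided by the default block while FTP control and ESP are decided by their own pass rules; making the leading block `quick` blocks FTP as well.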