Hello,
On my firewall I have the following rules:
Code:
$fwcmd 6000 $skip tcp from any to any 25 out via $pif setup keep-state
$fwcmd 6100 $skip tcp from any to any 110 out via $pif setup keep-state
$pif is my public interface, the one that is connected to my ISP.
to allow the outgoing mail, but I did an nmap on my firewall and I got the following result:
Code:
starting Nmap 4.20 ( http://insecure.org ) at 2010-05-07 09:13 EDT
Warning: OS detection for 74.59.40.171 will be MUCH less reliable because we did not find at least 1 open and 1 closed TCP port
Warning: OS detection will be MUCH less reliable because we did not find at least 1 open and 1 closed TCP port
Interesting ports on modemcable171.40-59-74.mc.videotron.ca (74.59.40.171):
Not shown: 1695 filtered ports
PORT STATE SERVICE
22/tcp open ssh
25/tcp open smtp
Device type: general purpose
Running (JUST GUESSING) : OpenBSD 4.X (89%), Apple Mac OS X 10.3.X|10.4.X (88%)
Aggressive OS guesses: OpenBSD 4.0 (sparc64) (89%), Applie Mac OS X 10.3.9 - 10.4.7 (88%)
No exact OS matches for host (test conditions non-ideal).
OS detection performed. Please report any incorrect results at http://insecure.org/nmap/submit/ .
Nmap finished: 1 IP address (1 host up) scanned in 40.791 seconds
(Not bad: no FreeBSD shows up in OS detection.)
I did the nmap from one of my FreeBSD stations inside my LAN.
My firewall is: ipfw, FreeBSD volvo 7.2-RELEASE-p7 FreeBSD 7.2-RELEASE-p7 #0: Mon Mar 1 13:57:18 EST 2010 root@pbsd.muhc.mcgill.ca:/opt2/source/obj-7.2/opt2/source/src/sys/PATRIOTEBSD17 i386
I tried the following ipfw rules:
Code:
ipfw add 5999 drop log logamount 5 all from any to any dst-port 25 in via $pif
or
Code:
ipfw add 5999 drop log logamount 5 all from any to any 25 recv $pif
or
Code:
ipfw add 5999 drop log logamount 5 all from any to any dst-port 25 in recv $pif
I did the nmap again and I got the same result?!
I am lost...
How can I block connections in (from the outside world) to port 25? I still need to send e-mail to the outside world.
Regards,
l2f