ipfw - denying all - what port for OE
Dave McCammon
davemac11 at yahoo.com
Tue Oct 12 21:58:50 PDT 2004
--- David Banning <david+dated+1098070473.6eafc9 at skytracker.ca> wrote:
> I am attempting to block everything except ports 80, 110, 25 and a
> few others, but I can't seem to get Outlook Express mail clients
> to collect mail on the network. Does anyone happen to know what
> ports they use? I have tried 110, 25, 443 and about 20 others.
>
> I tried using tcpdump to track the activity when I have all ports
> open and use OE, but it seems to use a different port each time:
> ports like 2843 and other non-allocated port numbers.

The client (OE) will use a non-privileged port to
connect to the POP3 (I assume this is what you want)
server port 110.

To be clearer, are you attempting to block everything
except 80, 110, 25, and a few others _in_ or _out_?
If you are allowing the client to connect, let's say
out, to the pop server, are you allowing the return
traffic?

Example: (arrows for traffic flow)

Client request
    client(2843) -> ipfw allow -> pop3(110)
Server reply
    client(2843) <- ipfw established <- pop3(110)

Simple rule example:

    allow tcp from any to any established
    allow tcp from me to (server) 110 setup
    deny ip from any to any

This is similar to the example in the ipfw man page.

Simple rule using dynamic rules:

    check-state
    allow tcp from me to (server) 110 setup keep-state
    deny ip from any to any

When "me" makes a setup connection to the pop server, it
creates a dynamic rule for return traffic. After
looking at the man page again, this rule is like the
example except I didn't use the "established" rule.

Read through the examples in the man page and look at
keywords like "established, keep-state, setup,
check-state".
More information about the freebsd-questions
mailing list