Re: Another ssh problem - it looks up after a couple of minutes.
From: Neil Hoggarth (njh_at_physiol.ox.ac.uk)
Date: 08/30/05
- Next message: Larry W. Virden: "Re: Virus Scanners for Solaris"
- Previous message: James Carlson: "Re: solaris 10 inetd.conf"
- In reply to: Michael Laajanen: "Re: Another ssh problem - it looks up after a couple of minutes."
- Next in thread: Dave: "Re: Another ssh problem - it looks up after a couple of minutes."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Date: Tue, 30 Aug 2005 15:53:49 +0000 (UTC)
In article <3nh83lF1h3h6U1@individual.net>,
Michael Laajanen <michael_laajanen@yahoo.com> wrote:
> Like this?
>
> pass in quick on hme1 proto tcp from any to any port = 22 flags S/SA
> keep state
Yes, but that's only for incoming connections (initiated by a remote
host). As Oscar said, you also want to make sure that outgoing
connections that are initiated from behind the firewall keep state:
pass out quick on hme1 proto tcp from any to any keep state
(assuming your security policy permits all outgoing traffic).
Regards,
-- Neil Hoggarth Departmental Computing Manager <neil.hoggarth@physiol.ox.ac.uk> Laboratory of Physiology http://www.physiol.ox.ac.uk/~njh/ University of Oxford, UK
- Next message: Larry W. Virden: "Re: Virus Scanners for Solaris"
- Previous message: James Carlson: "Re: solaris 10 inetd.conf"
- In reply to: Michael Laajanen: "Re: Another ssh problem - it looks up after a couple of minutes."
- Next in thread: Dave: "Re: Another ssh problem - it looks up after a couple of minutes."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Relevant Pages
|
