I made a new rule to allow tcp port 23 traffic outbound. But I am
unable to connect to the external ftp server on port 23. In the log
files I see the following
Ports 20 - 24 are allowed out. No rule for inbound.


" deny out eth 1 48 tcp 20 127 192... 156.12... 8261 3094 syn (default)"

How do I read the above line? What dose the 48 tcp 20 represent and
also the 8261 and 3064?

Thanks

In article <1190406871.569420.87160 [at] g4g2000hsf.googlegroups.com>, babyB1
[at] gmail.com says...
> I made a new rule to allow tcp port 23 traffic outbound. But I am
> unable to connect to the external ftp server on port 23. In the log
> files I see the following
> Ports 20 - 24 are allowed out. No rule for inbound.
>
>
> " deny out eth 1 48 tcp 20 127 192... 156.12... 8261 3094 syn (default)"
>
> How do I read the above line? What dose the 48 tcp 20 represent and
> also the 8261 and 3064?

what version of WatchGuard?

--

Leythos
- Igitur qui desiderat pacem, praeparet bellum.
- Calling an illegal alien an "undocumented worker" is like calling a
drug dealer an "unlicensed pharmacist"
spam999free [at] rrohio.com (remove 999 for proper email address)

On Sep 21, 7:36 pm, Leythos <v... [at] nowhere.lan> wrote:
> In article <1190406871.569420.87... [at] g4g2000hsf.googlegroups.com>, babyB1
> [at] gmail.com says...
>
> > I made a new rule to allow tcp port 23 traffic outbound. But I am
> > unable to connect to the external ftp server on port 23. In the log
> > files I see the following
> > Ports 20 - 24 are allowed out. No rule for inbound.
>
> > " deny out eth 1 48 tcp 20 127 192... 156.12... 8261 3094 syn (default)"
>
> > How do I read the above line? What dose the 48 tcp 20 represent and
> > also the 8261 and 3064?
>
> what version of WatchGuard?
>
> --
>
> Leythos
> - Igitur qui desiderat pacem, praeparet bellum.
> - Calling an illegal alien an "undocumented worker" is like calling a
> drug dealer an "unlicensed pharmacist"
> spam999f... [at] rrohio.com (remove 999 for proper email address)

Version x20e 8.2.1

In article <1190464460.162155.305750 [at] y42g2000hsy.googlegroups.com>,
babyB1 [at] gmail.com says...
> On Sep 21, 7:36 pm, Leythos <v... [at] nowhere.lan> wrote:
> > In article <1190406871.569420.87... [at] g4g2000hsf.googlegroups.com>, babyB1
> > [at] gmail.com says...
> >
> > > I made a new rule to allow tcp port 23 traffic outbound. But I am
> > > unable to connect to the external ftp server on port 23. In the log
> > > files I see the following
> > > Ports 20 - 24 are allowed out. No rule for inbound.
> >
> > > " deny out eth 1 48 tcp 20 127 192... 156.12... 8261 3094 syn (default)"
> >
> > > How do I read the above line? What dose the 48 tcp 20 represent and
> > > also the 8261 and 3064?
> >
> > what version of WatchGuard?
> >
>
> Version x20e 8.2.1

If you have an X20, then it's new enough that you should also have
support - just call them directly.

FTP requires 2 ports, not just one.

If you look at the DENY line:

DENY, OUT, ETH x, AAA, TCP, BBB, CCC, IP.AD.D.RES1, IP.AD.D.RES2, DDDD,
EEEE

the EEEE is the port that's being rejected, DDDDD is the source port
that is trying to get out to port EEEE (you can ignore DDDD).

SYN DEFAULT means that the default firewall rules are blocking outbound
port 3094 - the port you're trying to use to FTP too.

Based on your post, it appears you are trying to use port 3094 for FTP
and not 23.


--

Leythos
- Igitur qui desiderat pacem, praeparet bellum.
- Calling an illegal alien an "undocumented worker" is like calling a
drug dealer an "unlicensed pharmacist"
spam999free [at] rrohio.com (remove 999 for proper email address)