Article:		Configuring Jaguar's Firewall
Subject:		Question about firewalls and Sharing
Date:		2003-01-04 22:20:18
From:		ishafe
In the 'Sharing' section of my System Preferences I have all my services turned off in the 'Services' tab and no ports open in the 'Firewall' tab. When I do a 'ipfw -list' it says '65535 allow ip from any to any'. When I try to connect to any port (via telnet) I get a connection refused message (which is what I want). My question is how are these ports blocked? It seems like it's not the firewall, since it says all ports are open from all.

Showing messages 1 through 1 of 1.

• Question about firewalls and Sharing
  2003-01-05 14:11:03  cochella [View]
  
  
  You are receiving "Connection refused" because you have the telnet service turned off.
  
  I just went through a test configuration where I turned FTP Access on and the firewall off (only the default rule 65535 was installed). I had no problem connecting. This illustrates that outside access is available!
  
  I then turned the FTP Access off while leaving the firewall off and I was refused connection. The refusal is coming from the FTP service NOT responding.
  
  In a sense, by not allowing any services, there are no services to protect against misuse. However, it would not hurt to turn your firewall on. If you choose to offer no outside access then the configuration is relatively simple. The complications (and fun) come into play when you want to allow outside access for some services but not others and then allow access to certain computers.
  
  I hope this helps.
  
  Best regards,
  Chris