From owner-freebsd-security Mon Nov 26 10:52:28 2001 Delivered-To: freebsd-security@freebsd.org Received: from hotmail.com (law2-f106.hotmail.com [216.32.181.106]) by hub.freebsd.org (Postfix) with ESMTP id 9C12C37B405; Mon, 26 Nov 2001 10:52:23 -0800 (PST) Received: from mail pickup service by hotmail.com with Microsoft SMTPSVC; Mon, 26 Nov 2001 10:52:23 -0800 Received: from 213.84.199.53 by lw2fd.hotmail.msn.com with HTTP; Mon, 26 Nov 2001 18:52:23 GMT X-Originating-IP: [213.84.199.53] From: "Danny Carroll" To: ru@FreeBSD.ORG Cc: security@FreeBSD.ORG Subject: Re: IPFW, natd and an internal FTP server. Date: Mon, 26 Nov 2001 18:52:23 +0000 Mime-Version: 1.0 Content-Type: text/plain; format=flowed Message-ID: X-OriginalArrivalTime: 26 Nov 2001 18:52:23.0579 (UTC) FILETIME=[7C0CE6B0:01C176AB] Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Rusland, Works like an absolute charm... You are a lgend. Can anyone see any reason why someone should not do this? -D >Doh, you're right! We don't currently punch firewall holes for 227/229 >FTP server replies, for no apparent reason. Could you please try the >attached patch? It worked for me, both for the PASV and EPSV modes >with an FTP server running on a NAT box. You'll have to recompile both >lib/libalias and sbin/natd, in that order. _________________________________________________________________ Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message