From owner-freebsd-security  Tue Nov 27  3: 4:46 2001
Delivered-To: freebsd-security@freebsd.org
Received: from www.suntop-cn.com (www.suntop-cn.com [61.140.76.155])
	by hub.freebsd.org (Postfix) with ESMTP
	id 4D4D137B419; Tue, 27 Nov 2001 03:04:40 -0800 (PST)
Received: from win ([61.144.145.58])
	(authenticated)
	by www.suntop-cn.com (8.11.3/8.11.3) with ESMTP id fARB4cH33361;
	Tue, 27 Nov 2001 19:04:39 +0800 (CST)
	(envelope-from slack@suntop-cn.com)
Message-ID: <007e01c17733$64bc8b40$9201a8c0@home.net>
From: "edwin chen" <slack@suntop-cn.com>
To: "Danny Carroll" <dannycarroll@hotmail.com>, <ru@FreeBSD.ORG>
Cc: <security@FreeBSD.ORG>
References: <LAW2-F106gRB0OCxDqi000195a2@hotmail.com>
Subject: Re: IPFW, natd and an internal FTP server.
Date: Tue, 27 Nov 2001 19:05:10 +0800
MIME-Version: 1.0
Content-Type: text/plain;
	charset="gb2312"
Content-Transfer-Encoding: 7bit
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 5.50.4133.2400
X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4133.2400
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-security.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-security>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-security>
X-Loop: FreeBSD.org

hi, do you can send a piece of you firewall rules to me that show me how
punch hole work ? I don't understand this function, and I am not a
programmer don't understand source code either. thanks.

edwin chen

----- Original Message -----
From: "Danny Carroll" <dannycarroll@hotmail.com>
To: <ru@FreeBSD.ORG>
Cc: <security@FreeBSD.ORG>
Sent: Tuesday, November 27, 2001 2:52 AM
Subject: Re: IPFW, natd and an internal FTP server.


> Rusland,
>
> Works like an absolute charm...  You are a lgend.
> Can anyone see any reason why someone should not do this?
>
> -D
>
> >Doh, you're right!  We don't currently punch firewall holes for 227/229
> >FTP server replies, for no apparent reason.  Could you please try the
> >attached patch?  It worked for me, both for the PASV and EPSV modes
> >with an FTP server running on a NAT box.  You'll have to recompile both
> >lib/libalias and sbin/natd, in that order.
>
>
>
> _________________________________________________________________
> Get your FREE download of MSN Explorer at http://explorer.msn.com/intl.asp
>
>
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-security" in the body of the message
>


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message