Date: Tue, 29 Dec 1998 14:47:08 -0800 (PST) From: dima@best.net (Dima Ruban) To: dean@thegrid.net (Dean) Cc: freebsd-security@FreeBSD.ORG Subject: Re: ipfw and ftp Message-ID: <199812292247.OAA66134@burka.rdy.com> In-Reply-To: <368934C7.18C17F62@thegrid.net> from Dean at "Dec 29, 1998 12: 0: 8 pm"
next in thread | previous in thread | raw e-mail | index | archive | help
Dean writes: > Hello again, > I am setting up a packet filtering gateway between a small LAN and > the Internet. I am interested in hearing how people have solved the > problem of getting ftp out from the inside. I assume that I will have > to set up ftp on the gateway machine and anyone who wants to ftp out > will have to do a two-part ftp. The lan is small enough that this isn't > too much of a problem. I have this: ruleadd(`pass tcp from any 20 to any 30000-63000 via NETIF setup') ruleadd(`pass tcp from any 20 to any 1024-4096 via NETIF setup') Or alternatively, you can use passive ftp only. In this case you won't need any of these. > Thanks for the input, > Dean > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-security" in the body of the message > -- dima To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199812292247.OAA66134>