Date: 08 Jun 1999 20:49:10 +0200 From: Dag-Erling Smorgrav <des@flood.ping.uio.no> To: Archie Cobbs <archie@whistle.com> Cc: fpscha@via-net-works.net.ar (Fernando Schapachnik), freebsd-security@FreeBSD.ORG Subject: Re: Passive FTP Message-ID: <xzp7lpettnd.fsf@flood.ping.uio.no> In-Reply-To: Archie Cobbs's message of "Tue, 8 Jun 1999 11:14:33 -0700 (PDT)" References: <199906081814.LAA57994@bubba.whistle.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Archie Cobbs <archie@whistle.com> writes: > Fernando Schapachnik writes: > > Anyone has a sample on how to set up ipfw to permit passive FTP > > conections to the server? In my architecture the FTP server is > > firewalling itself. > Simple... find out what client port ranges your FTP server uses (see > the -U option to ftpd(8)) and then open your firewall to allow incoming > TCP packets (including setup packets) to this port range on your server. The description of the -U option in the ftpd(8) man page is misleading. The actual range is defined by sysctl variables (which default to the values given in the ftpd(8) man page); see ip(4). DES -- Dag-Erling Smorgrav - des@flood.ping.uio.no To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?xzp7lpettnd.fsf>