From owner-freebsd-questions Thu Jan 4 17:45:39 1996 Return-Path: owner-questions Received: (from root@localhost) by freefall.freebsd.org (8.7.3/8.7.3) id RAA12115 for questions-outgoing; Thu, 4 Jan 1996 17:45:39 -0800 (PST) Received: from Aspen.Woc.Atinc.COM (aspen.woc.atinc.com [198.138.38.205]) by freefall.freebsd.org (8.7.3/8.7.3) with SMTP id RAA12095 Thu, 4 Jan 1996 17:45:33 -0800 (PST) Received: (from jmb@localhost) by Aspen.Woc.Atinc.COM (8.6.12/8.6.9) id UAA09411; Thu, 4 Jan 1996 20:45:20 -0500 Date: Thu, 4 Jan 1996 20:45:19 -0500 (EST) From: "Jonathan M. Bresler" X-Sender: jmb@Aspen.Woc.Atinc.COM To: security@FreeBSD.ORG cc: questions@FreeBSD.ORG Subject: PASV, FreeBSD does! sunos fails. Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-questions@FreeBSD.ORG Precedence: bulk my new employer is a large sun shop. sparcs and ncd's everywhere. we also have a firewall to pass through. NONE of the suns have an ftp client that supports PASV. FreeBSD 2.1R does. ;) tomorrow i will be recompiling FreeBSD 2.1R ftp code on sunos 4.1.3 and porting it to sunos 5.4 score two points, gentlemen. i believe that a one line message will appear everytime the 'new' ftp is run. "This application ported from FreeBSD 2.1" jmb ps what is PASV?? ftp uses two tcp connections, one for commands and one for data transfers (files and ls output for instance). the ftp client (some high port) connects to the server (port 21) to create the command connection. the server (port 20) connects to the client (high port) to return the data. some firewalls filter out incoming tcp connections (ip flags has SYN set, ACK not set). so ftp does not work. enter PASV. the client creates both the command and the data connections to the server. all packets from the server have both SYN and ACK set. Jonathan M. Bresler FreeBSD Postmaster jmb@FreeBSD.ORG play go. ride bike. hack FreeBSD.--ah the good life i am moving to a new job. PLEASE USE: jmb@FreeBSD.ORG