Date: 30 May 2003 11:26:13 +0200
From: Nelis Lamprecht <nelis@brabys.co.za>
To: on@cs.ait.ac.th
Cc: FreeBSD Questions Mail List <questions@freebsd.org>
Subject: Re: proftpd/ipfw issues
Message-ID: <1054286773.36640.31.camel@enigma.8ball.co.za>

Hi Oliver,

Thanks for your reply. I do not block any outgoing tcp or udp traffic as this machine is used only by myself. For that I have the following rules:

$fwcmd add 00303 allow tcp from any to any out setup keep-state
$fwcmd add 00405 allow udp from any to any out

Do you think the setup keep-state could be causing a problem?

Thanks for making the point on my subnet, I have changed that accordingly.

Kind regards,
Nelis

ps. I am not subscribed to the list so please send answers to me directly.

>> allow tcp from any to x.x.x.x/24 20,21,22,25,53,80,443 setup

>On ACTIVE FTP, the client initiates the connection to the port 21, but the server initiates the connection from the port 20.
>So you should open the port 20 with a rule like:
>allow tcp from x.x.x.x/24 20 to any setup

>Besides, if you have only one server on your network, why opening
>incoming ftp to all the subnet?

>Olivier
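
Added example, not part of the original message: a simplified Python model of the `setup` rules quoted above, showing which of them accepts the opening SYN of each FTP connection as seen by the server's firewall. It goes slightly beyond the message by including a passive-mode data connection for contrast; the addresses, port numbers and helper names are constructed assumptions.

```python
# Added example, not from the thread: which quoted ipfw rule accepts the TCP
# SYN that opens each FTP connection. Only 'setup' matching is modelled.
from ipaddress import ip_address, ip_network

NET = ip_network("192.0.2.0/24")   # constructed stand-in for x.x.x.x/24
SERVER = "192.0.2.10"              # constructed proftpd host inside NET
CLIENT = "198.51.100.7"            # constructed FTP client

# (label, direction, src net, src ports, dst net, dst ports); None means "any".
RULES = [
    # allow tcp from any to x.x.x.x/24 20,21,22,25,53,80,443 setup
    ("inbound-ports", None, None, None, NET, {20, 21, 22, 25, 53, 80, 443}),
    # $fwcmd add 00303 allow tcp from any to any out setup keep-state
    ("00303", "out", None, None, None, None),
    # allow tcp from x.x.x.x/24 20 to any setup   (rule suggested in the reply)
    ("from-port-20", None, NET, {20}, None, None),
]


def accepting_rules(direction, src, sport, dst, dport):
    """Return labels of every rule whose 'setup' clause matches this SYN."""
    hits = []
    for label, r_dir, r_src, r_sports, r_dst, r_dports in RULES:
        if r_dir is not None and r_dir != direction:
            continue
        if r_src is not None and ip_address(src) not in r_src:
            continue
        if r_sports is not None and sport not in r_sports:
            continue
        if r_dst is not None and ip_address(dst) not in r_dst:
            continue
        if r_dports is not None and dport not in r_dports:
            continue
        hits.append(label)
    return hits  # empty list: the SYN falls through to later rules


def ftp_syn_report():
    """SYNs of one FTP session as the server's firewall sees them."""
    return {
        # client opens the control channel to port 21
        "control": accepting_rules("in", CLIENT, 40000, SERVER, 21),
        # active mode: server opens the data channel from port 20
        "active-data": accepting_rules("out", SERVER, 20, CLIENT, 40001),
        # passive mode: client opens the data channel to a high server port
        "passive-data": accepting_rules("in", CLIENT, 40002, SERVER, 50000),
    }


if __name__ == "__main__":
    for name, hits in ftp_syn_report().items():
        print(f"{name:13} -> {hits or 'no quoted rule matches'}")
```

ipfw acts on the first matching rule in ruleset order, which this message does not show, so the model lists every quoted rule that would accept each SYN; the dynamic state that `keep-state` creates for the rest of a connection is not modelled.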