Date: Fri, 8 Sep 2006 09:14:58 +0400 From: Mikhael Y Danilenko <mikexplorer@mail.ru> To: freebsd-ipfw@freebsd.org Subject: Re: rc.firewall rule for passive FTP from FTP server side Message-ID: <1605302864.20060908091458@mail.ru> In-Reply-To: <45008C28.3000807@enabled.com> References: <45008C28.3000807@enabled.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Hi, Noah.
N> ---- snip ----
N> #/** Allow setup of FTP PASSIVE **/
N> ${fwcmd} add allow tcp from ${ip} to any 1024-65534 keep-state
N> ${fwcmd} add allow tcp from ${ip} to any 21 keep-state
N> --- snip ----
My FTP server run as ftp server and client (for download software),
and my ipfw rule:
# Allow setup of incoming ftp
${fwcmd} add pass tcp from any to ${ip} 21 setup keep-state
${fwcmd} add pass tcp from any to ${ip} 49152-65535 setup keep-state
# Allow setup of outgoing TCP connections only
${fwcmd} add pass tcp from ${ip} to any setup keep-state
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?1605302864.20060908091458>