From owner-freebsd-questions Sun Feb 18 8:31:34 2001 Delivered-To: freebsd-questions@freebsd.org Received: from nova.fqdn.com (fqdn.com [204.138.49.210]) by hub.freebsd.org (Postfix) with ESMTP id 8FAD337B4EC; Sun, 18 Feb 2001 08:30:55 -0800 (PST) Received: from fqdn.com (greg [204.138.49.213]) by nova.fqdn.com (SGI-8.9.3/8.9.3) with ESMTP id LAA34445; Sun, 18 Feb 2001 11:18:58 -0500 (EST) Message-ID: <3A90229B.A1E85137@fqdn.com> Date: Sun, 18 Feb 2001 11:29:31 -0800 From: greg X-Mailer: Mozilla 4.76 [en] (Windows NT 5.0; U) X-Accept-Language: en MIME-Version: 1.0 To: squid-users@ircache.net Cc: freebsd-security@FreeBSD.ORG Subject: FTP via squid/firewall setup Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Hello. I have a squid proxy set up behind a firewall. The packets from the squid proxy are diverted threw a NAT dameon on the firewall. Having failed to configure squid to use ftp-gw on the firewall, I am attempting to have ftp work using NAT as well. I understand why normal-mode ftp doesn't work. I've adjusted the squid.conf option "ftp_passive" to "on". When I ftp from netscape (configed to use the proxy) an error is returned after a short while stating " Squid sent the following: NLST and recived the reply: No files found". The packet log below is a capture of this conversation. The logs on the proxy will display the error: "proxy2# Feb 16 15:41:24 proxy2 squid[3137]: ftpTimeout: timeout in SENT_PASV state." If I ftp to the same server from the command prompt on the proxy, I recive an error that looks simular to the error that is returned while attempting the same with normal mode ftp. The error reads "425 Can't build data connection: Connection timed out." Would anyone know what the problem may be, or have a better solution? I really don't want to run any proxy like software on the firewall if it can be advoided, and would rather not have clients connect direct to the firewall, I'd like to have the proxy as the only trusted internal host. ftp-gw was an attempt at gettting around the ftp normal-mode issue. Thanks for your time, please let me know if you require more information. .INTERNAL-NET . | .PROXY . | .FIREWALL---FTP-server--WWW-server--ROUTER2----INTERNET . | .ROUTER-1 . | .INTERNET some information: - 3 NICs in the firewall -two different internet links - FTP, WEB, routers and external NICs on the firewall have internet IPs. -The proxy and internal NIC have registered IPS, but they are not known or in any routing tables on any internet routers. -Web stuff works fine. -natd alias outgoing traffic to the interface that points towards the web and ftp server. -FreeBSD firewall using natd 222.222.222.222= ftp server 222.222.222.111=NIC IP that natd alias to. (I have changed the IPs from what they really are for this letter) [/root] # snort -devaC -i fxp0 host 222.222.222.222 and port 20 or port 21 Initializing Network Interface... => Decoding Ethernet on interface fxp0 -*> Snort! <*- Version 1.6.3 By Martin Roesch (roesch@clark.net, www.snort.org) =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 02/16-15:38:45.337581 0:90:27:EE.FF.GG -> 8:0:69:HH:II:JJ type:0x800 len:0x36 222.222.222.111:1359 -> 222.222.222.222:21 TCP TTL:63 TOS:0x0 ID:10942 ****R*** Seq: 0xD4324B52 Ack: 0x0 Win: 0x0 =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 02/16-15:38:45.337862 0:90:27:EE.FF.GG -> 8:0:69:HH:II:JJ type:0x800 len:0x36 222.222.222.111:1361 -> 222.222.222.222:21 TCP TTL:63 TOS:0x0 ID:10943 DF ******A* Seq: 0xD483AE46 Ack: 0xC661201 Win: 0x4470 =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 02/16-15:38:48.365829 8:0:69:HH:II:JJ -> 0:90:27:EE.FF.GG type:0x800 len:0x84 222.222.222.222:21 -> 222.222.222.111:1361 TCP TTL:60 TOS:0x10 ID:16888 DF *****PA* Seq: 0xC661201 Ack: 0xD483AE46 Win: 0xC000 220-____________________________________________________________ ____________.. =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 02/16-15:38:48.456562 0:90:27:EE.FF.GG -> 8:0:69:HH:II:JJ type:0x800 len:0x36 222.222.222.111:1361 -> 222.222.222.222:21 TCP TTL:63 TOS:0x0 ID:10945 DF ******A* Seq: 0xD483AE46 Ack: 0xC66124F Win: 0x4470 =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 02/16-15:38:48.457811 8:0:69:HH:II:JJ -> 0:90:27:EE.FF.GG type:0x800 len:0x4E2 222.222.222.222:21 -> 222.222.222.111:1361 TCP TTL:60 TOS:0x10 ID:16889 DF *****PA* Seq: 0xC66124F Ack: 0xD483AE46 Win: 0xC000 220-____________________________________________________________ ____________..220-..220-...COMPANY-NAME..220-________________ ________________________________________________________..220-__ ________________________________________________________________ ______..220-..220-..220-This is a private facility. Access for any reason must be specifically..220-authorized by COMPANY . ..220-..220-Unless you are so authorized, your continued acc ess and..220-any other use may subject you to criminal and/or ci vil..220-proceedings, including criminal prosecution under the F ederal ..220-Computer Fraud and Abuse Act, 18 United States Code Section 1030...220-..220-______________________________________ __________________________________..220-..220-Uploads to this ma chine are monitored. Distribution of Copyrighted ..220-material may be reported to your ISP, SPA or to your local authorities. ..220-..220-Questions should be directed to noc@COMPANY..220- ..220-Systems Staff/COMPANY-NAME, ...220-____________ ____________________________________________________________..22 0- ..220-..220 ftp.COMPANY.com FTP server (Version wu-2.6 .1(4) Thu Oct 19 12:22:44 EDT 2000) ready... =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 02/16-15:38:48.458714 0:90:27:EE.FF.GG -> 8:0:69:HH:II:JJ type:0x800 len:0x46 222.222.222.111:1361 -> 222.222.222.222:21 TCP TTL:63 TOS:0x0 ID:10946 DF *****PA* Seq: 0xD483AE46 Ack: 0xC6616FB Win: 0x4470 USER anonymous.. =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 02/16-15:38:48.458935 8:0:69:HH:II:JJ -> 0:90:27:EE.FF.GG type:0x800 len:0x3C 222.222.222.222:21 -> 222.222.222.111:1361 TCP TTL:60 TOS:0x10 ID:16890 DF ******A* Seq: 0xC6616FB Ack: 0xD483AE56 Win: 0xC000 =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 02/16-15:38:48.461348 8:0:69:HH:II:JJ -> 0:90:27:EE.FF.GG type:0x800 len:0x7A 222.222.222.222:21 -> 222.222.222.111:1361 TCP TTL:60 TOS:0x10 ID:16891 DF *****PA* Seq: 0xC6616FB Ack: 0xD483AE56 Win: 0xC000 331 Guest login ok, send your complete e-mail address as passwor d... =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 02/16-15:38:48.461777 0:90:27:EE.FF.GG -> 8:0:69:HH:II:JJ type:0x800 len:0x45 222.222.222.111:1361 -> 222.222.222.222:21 TCP TTL:63 TOS:0x0 ID:10947 DF *****PA* Seq: 0xD483AE56 Ack: 0xC66173F Win: 0x4470 PASS SQUID@.. =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 02/16-15:38:48.464418 8:0:69:HH:II:JJ -> 0:90:27:EE.FF.GG type:0x800 len:0x82 222.222.222.222:21 -> 222.222.222.111:1361 TCP TTL:60 TOS:0x10 ID:16892 DF *****PA* Seq: 0xC66173F Ack: 0xD483AE65 Win: 0xC000 230-____________________________________________________________ __________.. =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 02/16-15:38:48.556561 0:90:27:EE.FF.GG -> 8:0:69:HH:II:JJ type:0x800 len:0x36 222.222.222.111:1361 -> 222.222.222.222:21 TCP TTL:63 TOS:0x0 ID:10948 DF ******A* Seq: 0xD483AE65 Ack: 0xC66178B Win: 0x4470 =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 02/16-15:38:48.557139 8:0:69:HH:II:JJ -> 0:90:27:EE.FF.GG type:0x800 len:0x1EC 222.222.222.222:21 -> 222.222.222.111:1361 TCP TTL:60 TOS:0x10 ID:16893 DF *****PA* Seq: 0xC66178B Ack: 0xD483AE65 Win: 0xC000 230-____________________________________________________________ __________..230-..230-.Please place all files into the 'incoming ' directory. ..230- Any questions or issues please send emai l to noc@COMPANY.com...230-______________________________________ ________________________________..230-__________________________ ____________________________________________..230-..230-..230-.. 230-..230 Guest login ok, access restrictions apply... =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 02/16-15:38:48.557762 0:90:27:EE.FF.GG -> 8:0:69:HH:II:JJ type:0x800 len:0x3E 222.222.222.111:1361 -> 222.222.222.222:21 TCP TTL:63 TOS:0x0 ID:10949 DF *****PA* Seq: 0xD483AE65 Ack: 0xC661941 Win: 0x4470 TYPE A.. =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 02/16-15:38:48.558505 8:0:69:HH:II:JJ -> 0:90:27:EE.FF.GG type:0x800 len:0x4A 222.222.222.222:21 -> 222.222.222.111:1361 TCP TTL:60 TOS:0x10 ID:16894 DF *****PA* Seq: 0xC661941 Ack: 0xD483AE6D Win: 0xC000 200 Type set to A... =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 02/16-15:38:48.559554 0:90:27:EE.FF.GG -> 8:0:69:HH:II:JJ type:0x800 len:0x50 222.222.222.111:1361 -> 222.222.222.222:21 TCP TTL:63 TOS:0x0 ID:10950 DF *****PA* Seq: 0xD483AE6D Ack: 0xC661955 Win: 0x4470 PORT 209,167,51,162,5,82.. =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 02/16-15:38:48.560354 8:0:69:HH:II:JJ -> 0:90:27:EE.FF.GG type:0x800 len:0x54 222.222.222.222:21 -> 222.222.222.111:1361 TCP TTL:60 TOS:0x10 ID:16895 DF *****PA* Seq: 0xC661955 Ack: 0xD483AE87 Win: 0xC000 200 PORT command successful... =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 02/16-15:38:48.560777 0:90:27:EE.FF.GG -> 8:0:69:HH:II:JJ type:0x800 len:0x3C 222.222.222.111:1361 -> 222.222.222.222:21 TCP TTL:63 TOS:0x0 ID:10951 DF *****PA* Seq: 0xD483AE87 Ack: 0xC661973 Win: 0x4470 LIST.. =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 02/16-15:38:48.569661 8:0:69:HH:II:JJ -> 0:90:27:EE.FF.GG type:0x800 len:0x3C 222.222.222.222:21 -> 222.222.222.111:1361 TCP TTL:60 TOS:0x10 ID:16896 DF ******A* Seq: 0xC661973 Ack: 0xD483AE8D Win: 0xC000 =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 02/16-15:38:48.570752 8:0:69:HH:II:JJ -> 0:90:27:EE.FF.GG type:0x800 len:0x3C 222.222.222.222:20 -> 222.222.222.111:1362 TCP TTL:60 TOS:0x8 ID:16897 **S***** Seq: 0xC6DD2E0 Ack: 0x0 Win: 0xC000 TCP Options => MSS: 1460 =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 02/16-15:38:54.590308 8:0:69:HH:II:JJ -> 0:90:27:EE.FF.GG type:0x800 len:0x3C 222.222.222.222:20 -> 222.222.222.111:1362 TCP TTL:60 TOS:0x8 ID:16898 **S***** Seq: 0xC6DD2E0 Ack: 0x0 Win: 0xC000 TCP Options => MSS: 1460 =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 02/16-15:39:17.065912 8:0:69:HH:II:JJ -> 0:90:27:EE.FF.GG type:0x800 len:0x3C 222.222.222.222:20 -> 222.222.222.111:1362 TCP TTL:60 TOS:0x8 ID:16899 **S***** Seq: 0xC6DD2E0 Ack: 0x0 Win: 0xC000 TCP Options => MSS: 1460 =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 02/16-15:40:02.018776 8:0:69:HH:II:JJ -> 0:90:27:EE.FF.GG type:0x800 len:0x3C 222.222.222.222:20 -> 222.222.222.111:1362 TCP TTL:60 TOS:0x8 ID:16900 **S***** Seq: 0xC6DD2E0 Ack: 0x0 Win: 0xC000 TCP Options => MSS: 1460 =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 02/16-15:40:03.725467 8:0:69:HH:II:JJ -> 0:90:27:EE.FF.GG type:0x800 len:0x6E 222.222.222.222:21 -> 222.222.222.111:1361 TCP TTL:60 TOS:0x10 ID:16901 DF *****PA* Seq: 0xC661973 Ack: 0xD483AE8D Win: 0xC000 425 Can't build data connection: Connection timed out... =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 02/16-15:40:03.726337 0:90:27:EE.FF.GG -> 8:0:69:HH:II:JJ type:0x800 len:0x3C 222.222.222.111:1361 -> 222.222.222.222:21 TCP TTL:63 TOS:0x0 ID:10962 DF *****PA* Seq: 0xD483AE8D Ack: 0xC6619AB Win: 0x4470 NLST.. =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 02/16-15:40:03.727277 8:0:69:HH:II:JJ -> 0:90:27:EE.FF.GG type:0x800 len:0x4B 222.222.222.222:21 -> 222.222.222.111:1361 TCP TTL:60 TOS:0x10 ID:16902 DF *****PA* Seq: 0xC6619AB Ack: 0xD483AE93 Win: 0xC000 550 No files found... =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 02/16-15:40:03.728384 0:90:27:EE.FF.GG -> 8:0:69:HH:II:JJ type:0x800 len:0x50 222.222.222.111:1361 -> 222.222.222.222:21 TCP TTL:63 TOS:0x0 ID:10963 DF *****PA* Seq: 0xD483AE93 Ack: 0xC6619C0 Win: 0x4470 PORT 209,167,51,162,5,83.. =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 02/16-15:40:03.728857 8:0:69:HH:II:JJ -> 0:90:27:EE.FF.GG type:0x800 len:0x54 222.222.222.222:21 -> 222.222.222.111:1361 TCP TTL:60 TOS:0x10 ID:16903 DF *****PA* Seq: 0xC6619C0 Ack: 0xD483AEAD Win: 0xC000 200 PORT command successful... =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 02/16-15:40:03.729306 0:90:27:EE.FF.GG -> 8:0:69:HH:II:JJ type:0x800 len:0x3C 222.222.222.111:1361 -> 222.222.222.222:21 TCP TTL:63 TOS:0x0 ID:10964 DF *****PA* Seq: 0xD483AEAD Ack: 0xC6619DE Win: 0x4470 LIST.. =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 02/16-15:40:03.744365 8:0:69:HH:II:JJ -> 0:90:27:EE.FF.GG type:0x800 len:0x3C 222.222.222.222:20 -> 222.222.222.111:1363 TCP TTL:60 TOS:0x8 ID:16904 **S***** Seq: 0xD013620 Ack: 0x0 Win: 0xC000 TCP Options => MSS: 1460 =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 02/16-15:40:03.825186 8:0:69:HH:II:JJ -> 0:90:27:EE.FF.GG type:0x800 len:0x3C 222.222.222.222:21 -> 222.222.222.111:1361 TCP TTL:60 TOS:0x10 ID:16905 DF ******A* Seq: 0xC6619DE Ack: 0xD483AEB3 Win: 0xC000 =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 02/16-15:40:09.645216 8:0:69:HH:II:JJ -> 0:90:27:EE.FF.GG type:0x800 len:0x3C 222.222.222.222:20 -> 222.222.222.111:1363 TCP TTL:60 TOS:0x8 ID:16906 **S***** Seq: 0xD013620 Ack: 0x0 Win: 0xC000 TCP Options => MSS: 1460 =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 02/16-15:40:32.120903 8:0:69:HH:II:JJ -> 0:90:27:EE.FF.GG type:0x800 len:0x3C 222.222.222.222:20 -> 222.222.222.111:1363 TCP TTL:60 TOS:0x8 ID:16907 **S***** Seq: 0xD013620 Ack: 0x0 Win: 0xC000 TCP Options => MSS: 1460 =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 02/16-15:41:17.073241 8:0:69:HH:II:JJ -> 0:90:27:EE.FF.GG type:0x800 len:0x3C 222.222.222.222:20 -> 222.222.222.111:1363 TCP TTL:60 TOS:0x8 ID:16908 **S***** Seq: 0xD013620 Ack: 0x0 Win: 0xC000 TCP Options => MSS: 1460 =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 02/16-15:41:18.980307 8:0:69:HH:II:JJ -> 0:90:27:EE.FF.GG type:0x800 len:0x6E 222.222.222.222:21 -> 222.222.222.111:1361 TCP TTL:60 TOS:0x10 ID:16909 DF *****PA* Seq: 0xC6619DE Ack: 0xD483AEB3 Win: 0xC000 425 Can't build data connection: Connection timed out... =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 02/16-15:41:18.987603 0:90:27:EE.FF.GG -> 8:0:69:HH:II:JJ type:0x800 len:0x3C 222.222.222.111:1361 -> 222.222.222.222:21 TCP TTL:63 TOS:0x0 ID:10965 DF *****PA* Seq: 0xD483AEB3 Ack: 0xC661A16 Win: 0x4470 NLST.. =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 02/16-15:41:18.988601 8:0:69:HH:II:JJ -> 0:90:27:EE.FF.GG type:0x800 len:0x4B 222.222.222.222:21 -> 222.222.222.111:1361 TCP TTL:60 TOS:0x10 ID:16910 DF *****PA* Seq: 0xC661A16 Ack: 0xD483AEB9 Win: 0xC000 550 No files found... =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 02/16-15:41:18.989700 0:90:27:EE.FF.GG -> 8:0:69:HH:II:JJ type:0x800 len:0x36 222.222.222.111:1361 -> 222.222.222.222:21 TCP TTL:63 TOS:0x0 ID:10966 DF ***F**A* Seq: 0xD483AEB9 Ack: 0xC661A2B Win: 0x4470 =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 02/16-15:41:18.989923 8:0:69:HH:II:JJ -> 0:90:27:EE.FF.GG type:0x800 len:0x3C 222.222.222.222:21 -> 222.222.222.111:1361 TCP TTL:60 TOS:0x10 ID:16911 DF ******A* Seq: 0xC661A2B Ack: 0xD483AEBA Win: 0xC000 =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 02/16-15:41:18.990024 8:0:69:HH:II:JJ -> 0:90:27:EE.FF.GG type:0x800 len:0x5B 222.222.222.222:21 -> 222.222.222.111:1361 TCP TTL:60 TOS:0x10 ID:16912 DF *****PA* Seq: 0xC661A2B Ack: 0xD483AEBA Win: 0xC000 221 You could at least say goodbye... =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ 02/16-15:41:18.990383 0:90:27:EE.FF.GG -> 8:0:69:HH:II:JJ type:0x800 len:0x36 222.222.222.111:1361 -> 222.222.222.222:21 TCP TTL:63 TOS:0x0 ID:10968 ****R*** Seq: 0xD483AEBA Ack: 0x0 Win: 0x0 =+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+=+ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message