Date: Tue, 16 Oct 2001 05:12:09 -0700 From: Cy Schubert - ITSD Open Systems Group <Cy.Schubert@uumail.gov.bc.ca> To: cjclark@alum.mit.edu Cc: Jason DiCioccio <geniusj@bluenugget.net>, "Thomas T. Veldhouse" <veldy@veldy.net>, David Kelly <dkelly@hiwaay.net>, Alfatrion <alfatrion@cybertron.tmfweb.nl>, "Maine LOA List Admin (Brent Bailey)" <brentb@loa.com>, "Hartmann, O." <ohartman@klima.physik.uni-mainz.de>, freebsd-stable@FreeBSD.ORG, freebsd-questions@FreeBSD.ORG Subject: Re: IPFW or IPFILTER? Message-ID: <200110161213.f9GCD0M06818@cwsys.cwsent.com> In-Reply-To: Your message of "Fri, 12 Oct 2001 23:28:18 PDT." <20011012232818.J6274@blossom.cjclark.org>
next in thread | previous in thread | raw e-mail | index | archive | help
In message <20011012232818.J6274@blossom.cjclark.org>, "Crist J. Clark" writes: > On Fri, Oct 12, 2001 at 11:08:25PM -0700, Jason DiCioccio wrote: > > On Friday, October 12, 2001, at 08:39 , Crist J. Clark wrote: > > > On Fri, Oct 12, 2001 at 01:11:17PM -0500, Thomas T. Veldhouse wrote: > > >> FTP works in passive and active mode using IPNat. > > >> > > >> map dc1 192.168.0.0/24 -> www.xxx.yyy.zzz/32 proxy port ftp ftp/tcp > > >> map dc1 192.168.0.0/24 -> www.xxx.yyy.zzz/32 portmap tcp/udp 1025:60000 > > > > > > Except when the ftp proxy is panicing the kernel. When non-ftp data > > > was passed over port 21, up until recently, it could easily crash your > > > system. > > > > I've never seen this behavior before actually.. When was this fixed? Was > > it IPFilter or just IPFilter on FreeBSD? > > I don't think it was platform specific. I recall the discussion from > the IPFilter list, ipfilter@coombs.anu.edu.au. Look at list archives > for more info. I believe Kazaa (which, IIRC, does some funky HTTP-like > protocol on port 21 by default) was the particular application causing > people headaches. This particular problem was fixed in IPF 3.4-CURRENT (3.4.20+1). Darren doesn't have it on his FTP site nor is it pointed to by his web site. 3.4-CURRENT can be retrieved from http://coombs.anu.edu.au/~avalo n/ipf3.4-current.tgz. Regards, Phone: (250)387-8437 Cy Schubert Fax: (250)387-5766 Team Leader, Sun/Alpha Team Internet: Cy.Schubert@osg.gov.bc.ca Open Systems Group, ITSD Ministry of Management Services Province of BC To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200110161213.f9GCD0M06818>