Date: Mon, 03 Jul 2000 12:08:28 +0800 From: Eugene Grosbein <eugen@svzserv.kemerovo.su> To: freebsd-stable@FreeBSD.ORG Subject: ipfw add 1000 allow log tcp from any to any 21 gid test Message-ID: <396011BC.FF5BC047@svzserv.kemerovo.su>
next in thread | raw e-mail | index | archive | help
Hello! I try to implement access limits to my FTP site for some GID. I use recent FreeBSD 3.5-STABLE, standard ftpd and ipfw. /etc/ftpchroot has a record: @test For some reason, I cannot use non-standard ftp servers like ProFTPd etc. Filtering ftp control connection seems to be enough. But it does not work. When I use rule 'allow log tcp from any to any 21 gid test', it does not match packets. It does, however, when I omit 'gid test'. I make ftp connection from another machine as user test, then 'ps -o rgid,command|grep ftpd' says: 2077 1003 ftpd: my.work.station: test: LIST\r\n (ftpd) It's all right, user test has uid 2077, it's primary group is test(gid 1003). But why packets does not match? Eugene Grosbein To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?396011BC.FF5BC047>