From owner-freebsd-isp  Fri Sep 24  3:27:30 1999
Delivered-To: freebsd-isp@freebsd.org
Received: from proteus.eclipse.net.uk (proteus.eclipse.net.uk [195.188.32.118])
	by hub.freebsd.org (Postfix) with ESMTP id 079E314D1D
	for <FreeBSD-ISP@FreeBSD.ORG>; Fri, 24 Sep 1999 03:26:44 -0700 (PDT)
	(envelope-from stuart@eclipse.net.uk)
Received: from eclipse.net.uk (elara.eclipse.net.uk [195.188.32.31])
	by proteus.eclipse.net.uk (Postfix) with ESMTP
	id A35D49B4E; Fri, 24 Sep 1999 11:24:13 +0100 (BST)
Message-ID: <37EB5213.C0CF7B2F@eclipse.net.uk>
Date: Fri, 24 Sep 1999 11:27:31 +0100
From: Stuart Henderson <stuart@eclipse.net.uk>
Organization: Eclipse Networking Ltd.
X-Mailer: Mozilla 4.61 [en] (WinNT; I)
X-Accept-Language: en-GB
MIME-Version: 1.0
To: "smoerk@gmx.de" <smoerk@gmx.de>
Cc: FreeBSD-ISP List <FreeBSD-ISP@FreeBSD.ORG>
Subject: Re: tunneling ftp from local 127.0.0.1 to remote 127.0.0.1 (SSH 1.5.27)
References: <19990924091930.AEA4814F59@hub.freebsd.org>
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Sender: owner-freebsd-isp@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

> The outside world shouldn't see a ftp server, a connection to the ftp
> should only be established through a ssh tunnel. How could I do this?

I'm not sure if understand the use of 127.0.0.2
rather than 127.0.0.1, unless it is displayed in 
ifconfig -a and is pingable then ftp wouldn't
be able to see it either.

How about using ipfw to restrict access to the
ftp control channel from network interfaces other
than the loopback?


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-isp" in the body of the message