From owner-freebsd-security Sun Jun 24 23:58:19 2001 Delivered-To: freebsd-security@freebsd.org Received: from mta04.onebox.com (mta04.onebox.com [64.68.77.147]) by hub.freebsd.org (Postfix) with ESMTP id AEC4A37B437 for ; Sun, 24 Jun 2001 23:58:08 -0700 (PDT) (envelope-from ohshutup@zdnetmail.com) Received: from onebox.com ([10.1.101.9]) by mta04.onebox.com (InterMail vM.4.01.03.21 201-229-121-121-20010307) with SMTP id <20010625065808.HDO26282.mta04.onebox.com@onebox.com>; Sun, 24 Jun 2001 23:58:08 -0700 Received: from [24.176.48.110] by onebox.com with HTTP; Sun, 24 Jun 2001 23:58:08 -0700 Date: Sun, 24 Jun 2001 23:58:08 -0700 Subject: Re: IPF rule response [should be IPFW rule response instead] Reply-To: ohshutup@zdnetonebox.com From: "Kris Anderson" To: "Karsten W. Rohrbach" Cc: freebsd-security@FreeBSD.ORG Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit MIME-Version: 1.0 Message-Id: <20010625065808.HDO26282.mta04.onebox.com@onebox.com> Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Oops, you are right. I am. doh... But none the less what is the 195. network trying to do with my system? I didn't initiate any requests from/to that system. Kris Anderson(ohshutup@zdnetmail.com)@2001.06.22 15:03:12 +0000: > Howdy folks, > > I've got a rule in my ipf that is reporting the following to syslog > > : <2>Jun 22 14:51:34 /kernel: ipfw: 3 Deny TCP 195.224.212.72:21 > :21 in via rl0 > > I have limited understanding but it looks like that some bonehead on > the 195. network is doing some sort of goofy ftp thing to my public_if, > almost as if it was ftp relaying. > > Could somebody unconfuse me as to what this means? > >it seems that you are mixing up ipf (ipfilter) and ipfw in the first >place. a properly configured ipfilter with ftp in-core proxy for >keeping state on the sessions would solve it i think. > /k -- > "In Christianity neither morality nor religion come into contact with > reality at any point." --Friedrich Nietzsche KR433/KR11-RIPE -- WebMonster Community Founder -- nGENn GmbH SeniorTechie http://www.webmonster.de/ -- ftp://ftp.webmonster.de/ -- http://www.ngenn.net/ karsten&rohrbach.de -- alpha&ngenn.net -- alpha&scene.org -- catch@spam.de GnuPG 0x2964BF46 2001-03-15 42F9 9FFF 50D4 2F38 DBEE DF22 3340 4F4E2964 BF46 Please do not remove my address from To: and Cc: fields in mailing lists.10x ___________________________________________________________________ To get your own FREE ZDNet Onebox - FREE voicemail, email, and fax, all in one place - sign up today at http://www.zdnetonebox.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message