Date: Sun, 18 Jun 2000 10:40:30 +0200 From: Willem Brown <willem@brwn.org> To: Glenn Johnson <glennpj@bayouhome.net> Cc: Dan O'Connor <dan@mostgraveconcern.com>, questions@FreeBSD.ORG Subject: Re: ppp filter to allow fetch traffic Message-ID: <20000618104030.A12329@snoopy.brwn.org> In-Reply-To: <20000617225738.A1507@gforce.johnson.home>; from glennpj@bayouhome.net on Sat, Jun 17, 2000 at 10:57:38PM -0500 References: <085801bfd750$5d5a0780$0200000a@danco> <20000617225738.A1507@gforce.johnson.home>
next in thread | previous in thread | raw e-mail | index | archive | help
Hi, If your using passive FTP then it won't work. Try turning passive ftp off. Regards Willem Brown On Sat, Jun 17, 2000 at 10:57:38PM -0500, Glenn Johnson wrote: > On Thu, Jun 15, 2000 at 10:04:34PM -0700, Dan O'Connor wrote: >=20 > > >I have been setting up filters in ppp to only allow certain > > >traffic. I would like to allow fetch traffic so I can build > > >ports. Without any filters, fetch works fine, but when I add filters > > >it does not. I have filters to allow FTP traffic and that works fine > > >but not fetch. > > > > > >What are the filter entries necessary to allow fetch traffic out the > > >ppp link? > >=20 > >=20 > > I never had any problems with 'fetch' using the following filters: > >=20 > > set filter in 1 permit tcp src eq 20 dst gt 1023 > > set filter out 1 permit tcp dst eq 20 > > set filter in 2 permit tcp src eq 21 estab > > set filter out 2 permit tcp dst eq 21 >=20 > I have those filters in ppp.conf. If the URL is of the form > http://some.server.com/somefile, then fetch works; if the URL is of > the form ftp://some.server.com/somefile, then fetch does not work. If > I remove all of the filters below then fetch ftp works. This makes no > sense to me because the ftp program itself works fine when the filters > below are present. >=20 > set filter in 0 permit udp src eq 53 > set filter in 1 permit udp src eq 123 > set filter in 2 permit tcp src eq 5999 estab > set filter in 3 permit tcp src eq 22 estab > set filter in 4 permit tcp src eq 110 estab > set filter in 5 permit tcp src eq 25 estab > set filter in 6 permit tcp src eq 21 estab > set filter in 7 permit tcp src eq 20 dst gt 1023 > set filter in 8 permit tcp src eq 80 > set filter in 9 permit tcp dst eq 3128 >=20 > set filter out 0 permit udp dst eq 53 > set filter out 1 permit udp dst eq 123 > set filter out 2 permit tcp dst eq 5999 > set filter out 3 permit tcp dst eq 22 > set filter out 4 permit tcp dst eq 80 > set filter out 5 permit tcp dst eq 110 > set filter out 6 permit tcp dst eq 25 > set filter out 7 permit tcp dst eq 21 > set filter out 8 permit tcp dst eq 20 > set filter out 9 permit tcp src eq 3128 >=20 > --=20 > Glenn Johnson > glennpj@bayouhome.net >=20 >=20 > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-questions" in the body of the message >=20 --=20 /* =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D */ /* Linux, FreeBSD, NetBSD, OpenBSD. The choice is yours. */ /* =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D */ "I think it is true for all _=08n. I was just playing it safe with _=08n >= =3D 3 because I couldn't remember the proof." -- Baker, Pure Math 351a To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20000618104030.A12329>