From owner-freebsd-questions  Wed Jun 13  1:35:32 2001
Delivered-To: freebsd-questions@freebsd.org
Received: from whale.sunbay.crimea.ua (whale.sunbay.crimea.ua [212.110.138.65])
	by hub.freebsd.org (Postfix) with ESMTP id ACDF437B405
	for <freebsd-questions@FreeBSD.ORG>; Wed, 13 Jun 2001 01:35:24 -0700 (PDT)
	(envelope-from ru@whale.sunbay.crimea.ua)
Received: (from ru@localhost)
	by whale.sunbay.crimea.ua (8.11.2/8.11.2) id f5D8YuE99014;
	Wed, 13 Jun 2001 11:34:56 +0300 (EEST)
	(envelope-from ru)
Date: Wed, 13 Jun 2001 11:34:56 +0300
From: Ruslan Ermilov <ru@FreeBSD.ORG>
To: edwin chan <slack@suntop-cn.com>
Cc: freebsd-questions@FreeBSD.ORG
Subject: Re: about natd punch-fw function
Message-ID: <20010613113456.G35383@sunbay.com>
Mail-Followup-To: edwin chan <slack@suntop-cn.com>,
	freebsd-questions@FreeBSD.ORG
References: <006c01c0f34e$9b1c5da0$9201a8c0@home.net>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
User-Agent: Mutt/1.2.5i
In-Reply-To: <006c01c0f34e$9b1c5da0$9201a8c0@home.net>; from slack@suntop-cn.com on Tue, Jun 12, 2001 at 10:47:22PM +0800
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-questions.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo?subject=subscribe%20freebsd-questions>
List-Unsubscribe: <mailto:majordomo?subject=unsubscribe%20freebsd-questions>
X-Loop: FreeBSD.ORG

On Tue, Jun 12, 2001 at 10:47:22PM +0800, edwin chan wrote:
> Hi
>   I can't understand what punch-fw options do, and  how it works ? anybody
> can teach me some about ?
> 
> attention: please include my e-mail address in reply, I not order this
> maillist.
> 
Basically, for FTP, the libalias code intercepts PORT command, aliases
it, and installs temporary firewall rule that allows incoming connection
from the server's TCP port 20 to come through.  After the connection is
dropped, the firewall rule is deleted.  Better viewed in action, just
try it with ftp(1) behind FireWall+NAT box (don't forget to turn the
passive mode off).


Cheers,
-- 
Ruslan Ermilov		Oracle Developer/DBA,
ru@sunbay.com		Sunbay Software AG,
ru@FreeBSD.org		FreeBSD committer,
+380.652.512.251	Simferopol, Ukraine

http://www.FreeBSD.org	The Power To Serve
http://www.oracle.com	Enabling The Information Age

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message