From owner-freebsd-questions Sun Jun 18 14:32:32 2000 Delivered-To: freebsd-questions@freebsd.org Received: from snoopy.brwn.org (intgw1.brwn.org [196.28.127.66]) by hub.freebsd.org (Postfix) with ESMTP id 6222237BA9A for <questions@freebsd.org>; Sun, 18 Jun 2000 14:32:12 -0700 (PDT) (envelope-from willem@snoopy.brwn.org) Received: by snoopy.brwn.org (Postfix, from userid 1001) id 167DB1D8B; Sun, 18 Jun 2000 23:32:07 +0200 (SAST) Date: Sun, 18 Jun 2000 23:32:06 +0200 From: Willem Brown <willem@brwn.org> To: Glenn Johnson <glennpj@bayouhome.net> Cc: questions@freebsd.org Subject: Re: ppp filter to allow fetch traffic Message-ID: <20000618233206.A15360@snoopy.brwn.org> References: <085801bfd750$5d5a0780$0200000a@danco> <20000617225738.A1507@gforce.johnson.home> <20000618104030.A12329@snoopy.brwn.org> <20000618145707.A1178@gforce.johnson.home> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2i In-Reply-To: <20000618145707.A1178@gforce.johnson.home>; from glennpj@bayouhome.net on Sun, Jun 18, 2000 at 02:57:07PM -0500 X-Public-Key: http://www.brwn.org/~willem/pubkey.txt Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Hi, Which port are you trying to fetch? What does the output of tcpdump show. If it is an active ftp connection it should show an incoming connection from port 20 to a local high port. See if the FTP_PASSIVE_MODE environment variable is set at all. It seems that as soon as it exist, it switches to passive mode, irrespective of the value. I captured the tcpdump traffic to a file for both a active and passive ftp connection and vi'd the file. If it is active you should find the PORT string in the file and the PASV string if it is a passive connection. tcpdump -i tun0 -vv -n -s 256 -w /tmp/ftp.cap port 21 Maybe I'm on the wrong track here? Regards Willem Brown On Sun, Jun 18, 2000 at 02:57:07PM -0500, Glenn Johnson wrote: > On Sun, Jun 18, 2000 at 10:40:30AM +0200, Willem Brown wrote: > > > Hi, > > > > If your using passive FTP then it won't work. Try turning passive ftp > > off. > > I have tried that. It does not make a difference. > > > On Sat, Jun 17, 2000 at 10:57:38PM -0500, Glenn Johnson wrote: > > > > > On Thu, Jun 15, 2000 at 10:04:34PM -0700, Dan O'Connor wrote: > > > > > > > >I have been setting up filters in ppp to only allow certain > > > > >traffic. I would like to allow fetch traffic so I can build > > > > >ports. Without any filters, fetch works fine, but when I add > > > > >filters it does not. I have filters to allow FTP traffic and that > > > > >works fine but not fetch. > > > > > > > > > >What are the filter entries necessary to allow fetch traffic out > > > > >the ppp link? > > -- > Glenn Johnson > glennpj@bayouhome.net -- /* =============================================================== */ /* Linux, FreeBSD, NetBSD, OpenBSD. The choice is yours. */ /* =============================================================== */ In any organization there will always be one person who knows what is going on. This person must be fired. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message