Skip site navigation (1)Skip section navigation (2) 
Date:      Thu, 20 Apr 2000 16:21:52 -0700 (PDT)
From:      Bhishan Hemrajani <bhishan@cytosine.dhs.org>
To:        Aaron Birenboim <aaron@aptec.com>
Cc:        questions@FreeBSD.ORG
Subject:   Re: firewall design
Message-ID:  <200004202321.e3KNLqx33162@cytosine.dhs.org>
In-Reply-To: <38FF8B91.6F23DABF@aptec.com> from Aaron Birenboim at "Apr 20, 2000 04:58:25 pm"
next in thread | previous in thread | raw e-mail | index | archive | help 
http://www.freebsd.org/handbook/firewalls.html
http://www.freebsddiary.org/filtering.html
http://www.freebsddiary.org/firewalls.html

The most likely reason that you're having that FTP problem is because
you are not using PASV mode. Set your ftp client to use PASV mode
and all will be well.

--bhishan

> I have a great many questions about firewalling, by ipfw.
> Far too many to ask.
> 
> I have one working, but am often forced to punch holes
> in it to ger FTP clients working, ping (ICMP), etc.
> 
> Where can I find writings on how build a USEFULL
> firewall from FreeBSD?
> I'm having a hard time setting it up to allow what I want
> to allow through, nothing more, nothing less.
> Does the o'riley book cover examples pertinent to FreeBSD?
> Does anybody have a FBSD firewall DESIGN FAQ or www site?
> I know the iusage of the ipfw command, I just run into problems
> with things like ftp servers trying to make data sockets back
> to my network... is there a way to allow them in for that?
> It will only get harder when I get NAT running...
> -- 
> Aaron Birenboim         | Cell: (505) 350-1996 | Office: (505) 853-6866
> ATA, ABQ  NM            |  bug_aaron@aptec.com |  perl is the duct-tape
> aaron@aptec.com         | FAX:  (505) 768-1379 |      of software.
> www.aptec.com/~birenboi | Main Office 247-8371 |          - Grady Booch
> 
> 
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-questions" in the body of the message
> 



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200004202321.e3KNLqx33162>