Date: Sun, 18 Jun 2000 17:36:56 -0500 From: Glenn Johnson <glennpj@bayouhome.net> To: Willem Brown <willem@brwn.org> Cc: questions@freebsd.org Subject: Re: ppp filter to allow fetch traffic Message-ID: <20000618173656.A1917@gforce.johnson.home> In-Reply-To: <20000618233206.A15360@snoopy.brwn.org>; from willem@brwn.org on Sun, Jun 18, 2000 at 11:32:06PM %2B0200 References: <085801bfd750$5d5a0780$0200000a@danco> <20000617225738.A1507@gforce.johnson.home> <20000618104030.A12329@snoopy.brwn.org> <20000618145707.A1178@gforce.johnson.home> <20000618233206.A15360@snoopy.brwn.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sun, Jun 18, 2000 at 11:32:06PM +0200, Willem Brown wrote: > Hi, > > Which port are you trying to fetch? What does the output of tcpdump > show. If it is an active ftp connection it should show an incoming > connection from port 20 to a local high port. > > See if the FTP_PASSIVE_MODE environment variable is set at all. > It seems that as soon as it exist, it switches to passive mode, > irrespective of the value. > > I captured the tcpdump traffic to a file for both a active and passive > ftp connection and vi'd the file. If it is active you should find > the PORT string in the file and the PASV string if it is a passive > connection. > > tcpdump -i tun0 -vv -n -s 256 -w /tmp/ftp.cap port 21 > > Maybe I'm on the wrong track here? No, you nailed it. I had set FTP_PASSIVE_MODE=NO in /etc/login.conf. Upon removing that entry and remaking the login.conf.db file, fetch now works with ppp filters. But this seems like a bug in fetch though. If FTP_PASSIVE_MODE=YES, then the ftp program goes into passive mode and fetch goes into passive mode. If FTP_PASSIVE_MODE=NO, then the ftp program does NOT go into passive mode but fetch will still be in passive mode. So the ftp program differentiates between YES and NO but fetch does not. What I really do not understand is why if I remove packet filtering in ppp that fetch works regardless of what the FTP_PASSIVE_MODE setting is. Anyway, thanks for your help. > > Regards Willem Brown > > On Sun, Jun 18, 2000 at 02:57:07PM -0500, Glenn Johnson wrote: > > > On Sun, Jun 18, 2000 at 10:40:30AM +0200, Willem Brown wrote: > > > > > Hi, > > > > > > If your using passive FTP then it won't work. Try turning passive > > > ftp off. > > > > I have tried that. It does not make a difference. > > > > > On Sat, Jun 17, 2000 at 10:57:38PM -0500, Glenn Johnson wrote: > > > > > > > On Thu, Jun 15, 2000 at 10:04:34PM -0700, Dan O'Connor wrote: > > > > > > > > > >I have been setting up filters in ppp to only allow certain > > > > > >traffic. I would like to allow fetch traffic so I can build > > > > > >ports. Without any filters, fetch works fine, but when I add > > > > > >filters it does not. I have filters to allow FTP traffic and > > > > > >that works fine but not fetch. > > > > > > > > > > > >What are the filter entries necessary to allow fetch traffic > > > > > >out the ppp link? -- Glenn Johnson glennpj@bayouhome.net To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20000618173656.A1917>