From owner-freebsd-security Sat Apr 1 14:31: 9 2000 Delivered-To: freebsd-security@freebsd.org Received: from rover.village.org (rover.village.org [204.144.255.49]) by hub.freebsd.org (Postfix) with ESMTP id 28F5D37BCE6 for ; Sat, 1 Apr 2000 14:31:06 -0800 (PST) (envelope-from imp@harmony.village.org) Received: from harmony.village.org (harmony.village.org [10.0.0.6]) by rover.village.org (8.9.3/8.9.3) with ESMTP id PAA81053; Sat, 1 Apr 2000 15:31:04 -0700 (MST) (envelope-from imp@harmony.village.org) Received: from harmony.village.org (localhost.village.org [127.0.0.1]) by harmony.village.org (8.9.3/8.8.3) with ESMTP id PAA48314; Sat, 1 Apr 2000 15:30:31 -0700 (MST) Message-Id: <200004012230.PAA48314@harmony.village.org> To: nate@yogotech.com (Nate Williams) Subject: Re: FTP with firewall rules Cc: Jim Durham , freebsd-security@FreeBSD.ORG In-reply-to: Your message of "Sat, 01 Apr 2000 11:25:55 MST." <200004011825.LAA04705@nomad.yogotech.com> References: <200004011825.LAA04705@nomad.yogotech.com> <38E159DF.3D7E5DF6@w2xo.pgh.pa.us> Date: Sat, 01 Apr 2000 15:30:31 -0700 From: Warner Losh Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org In message <200004011825.LAA04705@nomad.yogotech.com> Nate Williams writes: : Why? I've got it setup that way (been that way for a couple of years), : and things work fine. However, I do things a bit 'non-standard', and go : hack the sources to both ftp and fetch to make passive mode the : default on my boxes. :) I have had the following in my /etc/make.conf for a very long time: FETCH_CMD=runsocks ftp -p FETCH_BEFORE_ARGS= FETCH_AFTER_ARGS= But I do have to sometimes hack port Makefiles that set before/after args... Like Nate said. What's the problem with passive mode? I'm doing it over socks, which adds a whole layer of added complexity. Warner To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message