From owner-freebsd-security Tue Nov 28 16:12:37 2000 Delivered-To: freebsd-security@freebsd.org Received: from point.osg.gov.bc.ca (point.osg.gov.bc.ca [142.32.102.44]) by hub.freebsd.org (Postfix) with ESMTP id 7167137B401 for ; Tue, 28 Nov 2000 16:12:34 -0800 (PST) Received: (from daemon@localhost) by point.osg.gov.bc.ca (8.8.7/8.8.8) id QAA15478; Tue, 28 Nov 2000 16:09:18 -0800 Received: from passer.osg.gov.bc.ca(142.32.110.29) via SMTP by point.osg.gov.bc.ca, id smtpda15475; Tue Nov 28 16:09:02 2000 Received: (from uucp@localhost) by passer.osg.gov.bc.ca (8.11.1/8.9.1) id eAT08rN10134; Tue, 28 Nov 2000 16:08:53 -0800 (PST) Received: from cwsys9.cwsent.com(10.2.2.1), claiming to be "cwsys.cwsent.com" via SMTP by passer9.cwsent.com, id smtpdl10131; Tue Nov 28 16:08:03 2000 Received: (from uucp@localhost) by cwsys.cwsent.com (8.11.1/8.9.1) id eAT083M16683; Tue, 28 Nov 2000 16:08:03 -0800 (PST) Message-Id: <200011290008.eAT083M16683@cwsys.cwsent.com> Received: from localhost.cwsent.com(127.0.0.1), claiming to be "cwsys" via SMTP by localhost.cwsent.com, id smtpdq16677; Tue Nov 28 16:07:10 2000 X-Mailer: exmh version 2.2 06/23/2000 with nmh-1.0.4 Reply-To: Cy Schubert - ITSD Open Systems Group From: Cy Schubert - ITSD Open Systems Group X-OS: FreeBSD 4.2-RELEASE X-Sender: cy To: peter@sysadmin-inc.com Cc: freebsd-security@FreeBSD.ORG Subject: Re: ipfw stateful rules not allowing ftp In-reply-to: Your message of "Tue, 28 Nov 2000 17:38:11 PST." <000401c059a5$096a2100$46010a0a@sysadmininc.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Date: Tue, 28 Nov 2000 16:07:10 -0800 Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org In message <000401c059a5$096a2100$46010a0a@sysadmininc.com>, "Peter Brezny" wri tes: > I'm using a 4.2-release box used as a firewall. I can connect to the > machine via ftp and can pwd to get what directory i am in however ls and get > don't work. when I disable the firewall, ftp can connect and function > normally. I have sorted throug the rules but can't figure out why ftp seems > to get hobled by the firewall. Especially since there is this rule Without getting into the gory details, IPFW does not support an FTP proxy. You will need to perform passive mode FTP transfers. Regards, Phone: (250)387-8437 Cy Schubert Fax: (250)387-5766 Team Leader, Sun/DEC Team Internet: Cy.Schubert@osg.gov.bc.ca Open Systems Group, ITSD, ISTA Province of BC To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message