From: "Corey Snow"
To: freebsd-questions@freebsd.org
Date: Sat, 8 Jun 2002 21:46:24 -0700
Subject: Configure bridging firewall for FTP
Message-ID: <3D027B30.20018.6687652@localhost>

I have a machine set up as a bridging firewall. It exists between my DSL and my LAN. I'd like to be able to set it up to allow FTP, but I'm not sanguine about the idea of a rule like:

    ipfw add allow tcp from any 20 to myhost 1024-32768

Which basically gives any system the ability to get past my firewall as long as their source port is 20.

I would think there's a better way to do it, aside from using PASV mode for all transfers, but I'm not sure what it is.

Thanks for any responses,

Corey
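
Added example, not part of the original message and not ipfw code: a small Python model contrasting the static source-port-20 rule from the post with a filter that admits an active-mode data connection only after seeing the matching PORT command on the control channel. The addresses, the `PortTracker` class and the helper names are constructed for illustration.

```python
import re

# Constructed sample addresses (documentation ranges), not from the original post.
MYHOST, FTP_SERVER, OTHER_HOST = "192.0.2.10", "198.51.100.5", "203.0.113.66"

def static_rule(pkt):
    """Model of the rule in the post: any host, source port 20, to myhost high ports."""
    return (pkt["proto"] == "tcp" and pkt["sport"] == 20
            and pkt["dst"] == MYHOST and 1024 <= pkt["dport"] <= 32768)

PORT_RE = re.compile(r"^PORT (\d+),(\d+),(\d+),(\d+),(\d+),(\d+)\r?$")

class PortTracker:
    """Hypothetical FTP-aware filter: allow an inbound data connection only if it
    matches a PORT command seen earlier on an outbound control connection."""
    def __init__(self):
        self.expected = set()   # (server_ip, client_ip, client_port)

    def see_control(self, client, server, line):
        m = PORT_RE.match(line)
        if not m:
            return
        host = ".".join(m.group(1, 2, 3, 4))
        port = int(m.group(5)) * 256 + int(m.group(6))
        # Ignore PORT commands that name another host or a privileged port.
        if host == client and port >= 1024:
            self.expected.add((server, client, port))

    def allow(self, pkt):
        key = (pkt["src"], pkt["dst"], pkt["dport"])
        if pkt["proto"] == "tcp" and pkt["sport"] == 20 and key in self.expected:
            self.expected.discard(key)   # one data connection per PORT command
            return True
        return False

def pkt(src, sport, dst, dport):
    return {"proto": "tcp", "src": src, "sport": sport, "dst": dst, "dport": dport}

def demo():
    t = PortTracker()
    t.see_control(MYHOST, FTP_SERVER, "PORT 192,0,2,10,19,137\r")  # 19*256+137 = 5001
    legit = pkt(FTP_SERVER, 20, MYHOST, 5001)   # the server the client talked to
    stray = pkt(OTHER_HOST, 20, MYHOST, 5001)   # unrelated host, same source port
    return {"static_legit": static_rule(legit), "static_stray": static_rule(stray),
            "tracked_stray": t.allow(stray), "tracked_legit": t.allow(legit),
            "tracked_replay": t.allow(legit)}

if __name__ == "__main__":
    print(demo())
```

The static rule accepts both packets, while the tracker accepts only the one data connection announced by the client's own PORT command.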