Date: Sat, 12 May 2001 17:53:26 +0400 From: "Artem Koutchine" <matrix@ipform.ru> To: "Tony Wells" <awells@journalstar.com> Cc: <questions@FreeBSD.ORG> Subject: Re: Allow rules for ipfw for active ftp Message-ID: <005f01c0daeb$a6f1ad40$0c00a8c0@ipform.ru> References: <001c01c0d9fe$f897ea80$0c00a8c0@ipform.ru> <3AFC0C37.5AD65CC2@journalstar.com>
next in thread | previous in thread | raw e-mail | index | archive | help
I've read the man page and don't understand one thing: Is this a protocol spec or just ftpd feature? I it is just ftpd behavior that opening the port will not help to connect in active mode to Windoze boxes or other ftp daemons. > I you need to open up ports 49152 - 65535. You can read the ftpd man > page for more info. > > Artem Koutchine wrote: > > > > Hi! > > > > Is it possive to allow active (as opposite to passive) > > ftp connection using ipfw rules? I put my local network > > behind a restrictive firewall (everything is denied by > > default) and now i must form allow rules to allow > > ftp connections. For passive connection everything is > > ok (client connect to server on 21, servers tell where > > to connect for data, client connect to server on that > > port) but for active connections server must connect > > to client on the port that client told the server. I think > > I understood ftp protocol right. I cannot imaging > > ipfw tules to allow the second (active) case. MAybe > > someone has done it? > > > > Artem > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > > with "unsubscribe freebsd-questions" in the body of the message > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-questions" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?005f01c0daeb$a6f1ad40$0c00a8c0>