Skip site navigation (1)Skip section navigation (2) 
Date:      Sun, 24 Jun 2001 18:11:57 +0200
From:      "Karsten W. Rohrbach" <karsten@rohrbach.de>
To:        ohshutup@zdnetonebox.com
Cc:        freebsd-security@FreeBSD.ORG
Subject:   Re: IPF rule response
Message-ID:  <20010624181157.D52432@mail.webmonster.de>
In-Reply-To: <20010622220312.PZQH9852.mta11.onebox.com@onebox.com>; from ohshutup@zdnetmail.com on Fri, Jun 22, 2001 at 03:03:12PM -0700
References:  <20010622220312.PZQH9852.mta11.onebox.com@onebox.com>
next in thread | previous in thread | raw e-mail | index | archive | help 

[-- Attachment #1 --]
Kris Anderson(ohshutup@zdnetmail.com)@2001.06.22 15:03:12 +0000:
> Howdy folks,
> 
> I've got a rule in my ipf that is reporting the following to syslog
> 
> <private_if>: <2>Jun 22 14:51:34 /kernel: ipfw: 3 Deny TCP 195.224.212.72:21
> <public_if>:21 in via rl0
> 
> I have limited understanding but it looks like that some bonehead on
> the 195. network is doing some sort of goofy ftp thing to my public_if,
> almost as if it was ftp relaying.
> 
> Could somebody unconfuse me as to what this means?

it seems that you are mixing up ipf (ipfilter) and ipfw in the first
place. a properly configured ipfilter with ftp in-core proxy for keeping
state on the sessions would solve it i think.

/k

-- 
> "In Christianity neither morality nor religion come into contact with
> reality at any point." --Friedrich Nietzsche
KR433/KR11-RIPE -- WebMonster Community Founder -- nGENn GmbH Senior Techie
http://www.webmonster.de/ -- ftp://ftp.webmonster.de/ -- http://www.ngenn.net/
karsten&rohrbach.de -- alpha&ngenn.net -- alpha&scene.org -- catch@spam.de
GnuPG 0x2964BF46 2001-03-15 42F9 9FFF 50D4 2F38 DBEE  DF22 3340 4F4E 2964 BF46
Please do not remove my address from To: and Cc: fields in mailing lists. 10x

[-- Attachment #2 --]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.6 (FreeBSD)
Comment: For info see http://www.gnupg.org

iD8DBQE7NhFMM0BPTilkv0YRAjUHAJ48ys2Uu6LA3vpDUJAGg3o65+4RBgCgq2oj
4woVqCBljmncub/705yZbYE=
=yrQS
-----END PGP SIGNATURE-----

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010624181157.D52432>