Date: Sun, 24 Jun 2001 18:11:57 +0200 From: "Karsten W. Rohrbach" <karsten@rohrbach.de> To: ohshutup@zdnetonebox.com Cc: freebsd-security@FreeBSD.ORG Subject: Re: IPF rule response Message-ID: <20010624181157.D52432@mail.webmonster.de> In-Reply-To: <20010622220312.PZQH9852.mta11.onebox.com@onebox.com>; from ohshutup@zdnetmail.com on Fri, Jun 22, 2001 at 03:03:12PM -0700 References: <20010622220312.PZQH9852.mta11.onebox.com@onebox.com>
next in thread | previous in thread | raw e-mail | index | archive | help
--OROCMA9jn6tkzFBc Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Kris Anderson(ohshutup@zdnetmail.com)@2001.06.22 15:03:12 +0000: > Howdy folks, >=20 > I've got a rule in my ipf that is reporting the following to syslog >=20 > <private_if>: <2>Jun 22 14:51:34 /kernel: ipfw: 3 Deny TCP 195.224.212.72= :21 > <public_if>:21 in via rl0 >=20 > I have limited understanding but it looks like that some bonehead on > the 195. network is doing some sort of goofy ftp thing to my public_if, > almost as if it was ftp relaying. >=20 > Could somebody unconfuse me as to what this means? it seems that you are mixing up ipf (ipfilter) and ipfw in the first place. a properly configured ipfilter with ftp in-core proxy for keeping state on the sessions would solve it i think. /k --=20 > "In Christianity neither morality nor religion come into contact with > reality at any point." --Friedrich Nietzsche KR433/KR11-RIPE -- WebMonster Community Founder -- nGENn GmbH Senior Techie http://www.webmonster.de/ -- ftp://ftp.webmonster.de/ -- http://www.ngenn.n= et/ karsten&rohrbach.de -- alpha&ngenn.net -- alpha&scene.org -- catch@spam.de GnuPG 0x2964BF46 2001-03-15 42F9 9FFF 50D4 2F38 DBEE DF22 3340 4F4E 2964 B= F46 Please do not remove my address from To: and Cc: fields in mailing lists. 1= 0x --OROCMA9jn6tkzFBc Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (FreeBSD) Comment: For info see http://www.gnupg.org iD8DBQE7NhFMM0BPTilkv0YRAjUHAJ48ys2Uu6LA3vpDUJAGg3o65+4RBgCgq2oj 4woVqCBljmncub/705yZbYE= =yrQS -----END PGP SIGNATURE----- --OROCMA9jn6tkzFBc-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010624181157.D52432>