From owner-freebsd-questions@FreeBSD.ORG Sat Feb 14 00:51:57 2004 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id E756316A550 for ; Sat, 14 Feb 2004 00:51:56 -0800 (PST) Received: from mail6.bluewin.ch (mail6.bluewin.ch [195.186.4.229]) by mx1.FreeBSD.org (Postfix) with ESMTP id 8351543D1D for ; Sat, 14 Feb 2004 00:51:56 -0800 (PST) (envelope-from martin@saturn.pcs.ms) Received: from saturn.pcs.ms (62.202.48.206) by mail6.bluewin.ch (Bluewin AG 7.0.024) id 401D1260002B8696; Sat, 14 Feb 2004 08:51:54 +0000 Received: from saturn.pcs.ms (localhost [127.0.0.1]) by saturn.pcs.ms (8.12.9p2/8.12.8) with ESMTP id i1E8wwJU009134; Sat, 14 Feb 2004 09:58:58 +0100 (CET) (envelope-from martin@saturn.pcs.ms) Received: (from martin@localhost) by saturn.pcs.ms (8.12.9p2/8.12.9/Submit) id i1E8wvAQ009133; Sat, 14 Feb 2004 09:58:57 +0100 (CET) (envelope-from martin) Date: Sat, 14 Feb 2004 09:58:57 +0100 From: Martin Schweizer To: JJB Message-ID: <20040214085856.GC1160@saturn.pcs.ms> Mail-Followup-To: JJB , Martin Schweizer , freebsd-questions@freebsd.org References: <20040213070723.GA2743@saturn.pcs.ms> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="0lnxQi9hkpPO77W3" Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.4i Organization: PC-Service M. Schweizer, CH-8608 Bubikon, Switzerland X-PGP-Key: http://www.pc-service.ch/pgp/public_key.asc X-Fingerprint: EC21 CA4D 5C78 BC2D 73B7 10F9 C1AE 1691 D30F D239 X-Spam-Status: No, hits=-7.0 required=3.0 tests=IN_REP_TO,PGP_SIGNATURE_2,QUOTED_EMAIL_TEXT,REFERENCES, REPLY_WITH_QUOTES,USER_AGENT_MUTT version=2.55 X-Spam-Checker-Version: SpamAssassin 2.55 (1.174.2.19-2003-05-19-exp) cc: freebsd-questions@freebsd.org cc: Martin Schweizer Subject: Re: Firewall rules for ftp X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list Reply-To: Martin Schweizer List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 14 Feb 2004 08:51:58 -0000 --0lnxQi9hkpPO77W3 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Hello=20 Here are my ftp rules: [snip # FTP ipfw add allow tcp from any to any 20 keep-state=20 ipfw add allow tcp from any to any 21 keep-state ipfw add allow tcp from any 20 to me 1024-49151 keep-state # aktives FTP ipfw add allow tcp from any 20 to 192.168.1.1/24 1024-49151 keep-state ipfw add allow tcp from me 1024-49151 to any keep-state # passives FTP 1. [snip] Am Fri, Feb 13, 2004 at 09:23:07AM -0500 JJB schrieb: > It would help if you posted you ipfw rules file so people can review > them to look for your problem. >=20 > -----Original Message----- > From: owner-freebsd-questions@freebsd.org > [mailto:owner-freebsd-questions@freebsd.org]On Behalf Of Martin > Schweizer > Sent: Friday, February 13, 2004 2:07 AM > To: freebsd-questions@freebsd.org > Subject: Firewall rules for ftp >=20 > Hello >=20 > Until now I tested a lot regarding ftp and ipfw but with no 100% > success. > What are the correct ipfw rules for ftp (regarding dir and ls, > passive etc.)? >=20 > System: FreeBSD 4.9, NAT, ipfw, LAN 192.168.1.0/24, WAN: dyn. WAN ip > over ADSL --=20 Regards Martin Schweizer PC-Service M. Schweizer; Gewerbehaus Schwarz; CH-8608 Bubikon Tel. +41 55 243 30 00; Fax: +41 55 243 33 22; http://www.pc-service.ch; public key : http://www.pc-service.ch/pgp/public_key.asc;=20 fingerprint: EC21 CA4D 5C78 BC2D 73B7 10F9 C1AE 1691 D30F D239; --0lnxQi9hkpPO77W3 Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.7 (FreeBSD) iD8DBQFALeNQwa4WkdMP0jkRAiLlAKD5ns2KyeYGbVQ1GtodETRYmlm/DACgmixR 64sFuxNkFAP1qHzx1RIXTeg= =5T1G -----END PGP SIGNATURE----- --0lnxQi9hkpPO77W3--