Skip site navigation (1)Skip section navigation (2) 
Date:      Sat, 14 Feb 2004 09:58:57 +0100
From:      Martin Schweizer <pcservi@spectraweb.ch>
To:        JJB <Barbish3@adelphia.net>
Cc:        Martin Schweizer <info@pc-service.ch>
Subject:   Re: Firewall rules for ftp
Message-ID:  <20040214085856.GC1160@saturn.pcs.ms>
In-Reply-To: <MIEPLLIBMLEEABPDBIEGEEONFKAA.Barbish3@adelphia.net>
References:  <20040213070723.GA2743@saturn.pcs.ms> <MIEPLLIBMLEEABPDBIEGEEONFKAA.Barbish3@adelphia.net>
next in thread | previous in thread | raw e-mail | index | archive | help 

--0lnxQi9hkpPO77W3
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

Hello=20

Here are my ftp rules:

[snip
# FTP
ipfw add allow tcp from any to any 20 keep-state=20
ipfw add allow tcp from any to any 21 keep-state
ipfw add allow tcp from any 20 to me 1024-49151 keep-state # aktives FTP
ipfw add allow tcp from any 20 to 192.168.1.1/24 1024-49151 keep-state
ipfw add allow tcp from me 1024-49151 to any keep-state # passives FTP 1.
[snip]

Am Fri, Feb 13, 2004 at 09:23:07AM -0500 JJB schrieb:
> It would help if you posted you ipfw rules file so people can review
> them to look for your problem.
>=20
> -----Original Message-----
> From: owner-freebsd-questions@freebsd.org
> [mailto:owner-freebsd-questions@freebsd.org]On Behalf Of Martin
> Schweizer
> Sent: Friday, February 13, 2004 2:07 AM
> To: freebsd-questions@freebsd.org
> Subject: Firewall rules for ftp
>=20
> Hello
>=20
> Until now I tested a lot regarding ftp and ipfw but with no 100%
> success.
> What are the correct ipfw rules for ftp (regarding dir and ls,
> passive etc.)?
>=20
> System: FreeBSD 4.9, NAT, ipfw, LAN 192.168.1.0/24, WAN: dyn. WAN ip
> over ADSL

--=20

Regards

Martin Schweizer
<info@pc-service.ch>

PC-Service M. Schweizer; Gewerbehaus Schwarz; CH-8608 Bubikon
Tel. +41 55 243 30 00; Fax: +41 55 243 33 22; http://www.pc-service.ch;
public key : http://www.pc-service.ch/pgp/public_key.asc;=20
fingerprint: EC21 CA4D 5C78 BC2D 73B7  10F9 C1AE 1691 D30F D239;


--0lnxQi9hkpPO77W3
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (FreeBSD)

iD8DBQFALeNQwa4WkdMP0jkRAiLlAKD5ns2KyeYGbVQ1GtodETRYmlm/DACgmixR
64sFuxNkFAP1qHzx1RIXTeg=
=5T1G
-----END PGP SIGNATURE-----

--0lnxQi9hkpPO77W3--

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20040214085856.GC1160>