Date: Sun, 7 Nov 2004 18:55:24 +0100 From: Martin Schweizer <pcservi@spectraweb.ch> To: Emil Khatib <fenomenoxp2@gmail.com> Cc: freebsd-questions@freebsd.org Subject: Re: FTP access with ipfw Message-ID: <20041107175524.GA96933@saturn.pcs.ms> In-Reply-To: <dd9992320411070627724caa62@mail.gmail.com> References: <dd9992320411070554a186ae9@mail.gmail.com> <20041107140217.1749C43D5A@mx1.FreeBSD.org> <20041107142216.GY81757@saturn.pcs.ms> <dd9992320411070627724caa62@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
--pf9I7BMVVzbSWLtt Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Hello Emil Am Sun, Nov 07, 2004 at 03:27:02PM +0100 Emil Khatib schrieb: > ipfw add allow tcp from any to any 1024-65000 keep-state > is it secure to open those ports? =2E.. if no service is running there I see no problems. =20 > On Sun, 7 Nov 2004 15:22:16 +0100, Martin Schweizer > <pcservi@spectraweb.ch> wrote: > > Hello > >=20 > > I had a long time to figure out the rules for ipfw (with and without na= t, no > > different for me). Attached I send you the part of rc.firewall that is = for ftp: > >=20 > > ipfw -f flush > > ipfw add check-state > >=20 > > [snip] > >=20 > > # FTP > > ipfw add allow tcp from any to any 20 > > ipfw add allow tcp from any to any 21 > > ipfw add allow tcp from any to any 1024-65000 keep-state > >=20 > > [snip ] > >=20 > > Am Sun, Nov 07, 2004 at 09:02:10AM -0500 Ara schrieb: > > > This mail is probably spam. The original message has been attached > > > along with this report, so you can recognize or block similar unwanted > > > mail in future. See http://spamassassin.org/tag/ for more details. > > > > > > Content preview: Hello Are you connecting directly to internet or via > > > nat? In that case you may have to enable passive mode on your ftp > > > client > > >=20 > > > Content analysis details: (3.60 points, 3 required) > > > IN_REP_TO (-0.5 points) Has a In-Reply-To header > > > FORGED_MUA_OUTLOOK (3.5 points) Forged mail pretending to be from MS= Outlook > > > MISSING_OUTLOOK_NAME (0.6 points) Message looks like Outlook, but is= n't > > > > > > > >=20 > > Content-Description: original message before SpamAssassin > > > From: "Ara" <ara@avvali.com> > > > To: <freebsd-questions@freebsd.org> > > > Date: Sun, 7 Nov 2004 09:02:10 -0500 > > > X-Mailer: Microsoft Office Outlook, Build 11.0.6353 > > > Subject: RE: FTP access with ipfw > >=20 > >=20 > > > > > > > > > Hello > > > Are you connecting directly to internet or via nat? In that case you = may > > > have to enable passive mode on your ftp client > > > > > > -----Original Message----- > > > From: owner-freebsd-questions@freebsd.org > > > [mailto:owner-freebsd-questions@freebsd.org] On Behalf Of Emil Khatib > > > Sent: November 7, 2004 8:54 AM > > > To: freebsd-questions@freebsd.org > > > Subject: FTP access with ipfw > > > > > > Hi, I-m trying to secure my FreeBSD box using ipfw, but i can-t > > > configure FTP client to access the internet. I-ve googled aroun > > > everywhere but none of the solutions worked for me! I-m connected > > > using dialup and user ppp. > > > And another question, Would it be better if I used the firewall > > > included with PPP? --=20 Regards Martin Schweizer <info@pc-service.ch> PC-Service M. Schweizer GmbH; Gewerbehaus Schwarz; CH-8608 Bubikon Tel. +41 55 243 30 00; Fax: +41 55 243 33 22; http://www.pc-service.ch; public key : http://www.pc-service.ch/pgp/public_key.asc;=20 fingerprint: EC21 CA4D 5C78 BC2D 73B7 10F9 C1AE 1691 D30F D239; --pf9I7BMVVzbSWLtt Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.7 (FreeBSD) iD8DBQFBjmGMwa4WkdMP0jkRAvFBAKCd5XTvj+CB0z9BnFSIucdTPh2zDQCg6LQQ HRL+lK4Xr9KvSgor1r52vAo= =gC+v -----END PGP SIGNATURE----- --pf9I7BMVVzbSWLtt--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20041107175524.GA96933>