From owner-freebsd-stable Tue Sep 12 21:40: 8 2000 Delivered-To: freebsd-stable@freebsd.org Received: from ns1.venon.com (ns1.venon.com [64.7.7.83]) by hub.freebsd.org (Postfix) with ESMTP id C90F137B423 for ; Tue, 12 Sep 2000 21:40:03 -0700 (PDT) Received: from megalomaniac.biosys.net (megalomaniac.venon.com [64.7.7.82]) by ns1.venon.com (Postfix) with ESMTP id 9BEC7D144E for ; Wed, 13 Sep 2000 00:42:24 -0400 (EDT) Message-Id: <4.3.2.7.2.20000913004042.00b1ce88@mail.megapathdsl.net> X-Sender: X-Mailer: QUALCOMM Windows Eudora Version 4.3.2 Date: Wed, 13 Sep 2000 00:42:42 -0400 To: freebsd-stable@FreeBSD.ORG From: Allen Landsidel Subject: Re: ipfw changes in latest stable In-Reply-To: Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii"; format=flowed Sender: owner-freebsd-stable@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG At 22:13 09/12/2000 -0600, Edward Wolpert wrote: >-----BEGIN PGP SIGNED MESSAGE----- > >Folks- > > Over the weekend, I updated to the latest 4.1-stable from an update >about a few weeks ago. I've got the simple firewall setup (basically, >the client mode in the rc.firewall file) on my box. However, I can't >do a fetch (via 'make install') on items in the ports directory anymore. >I can't ftp anymore. When I try, I can contact the site, but when I >try to download files, it doesn't work. When I open up the tcp ports >via ipfw, it then lets me. Any recent changes to ipfw lately that could >explain this? (It used to work) Thanks. You need to use ftp in passive mode unless you have rules that allow the ftp-data information to come in. I believe there is an example config for this in the ipfw documentation. I'm not sure if client does this by default, since I always use the "closed" model and add allow lines myself. > >Virtually, | Open/Web Systems Architect >Edward Wolpert | > http://www.methodsystems.com | 4eb8 4e75 >___________________________________________/ > >-----BEGIN PGP SIGNATURE----- >Version: 2.6.2 > >iQB1AwUBOb7+zq2tQW/xJRRFAQG8RQMAjhali1oqCDzvBXxV8wvO95vyMOb8hv+3 >Tb3tjllH+dESRSdxHlcnBLgZ3pRGlIRnTWKDDChPy/eUbbByjGJ30NHrjSoVohlZ >U8+xrW0a/Hr6DcT/HKcxabNQi6vHeA45 >=+cC3 >-----END PGP SIGNATURE----- > > >To Unsubscribe: send mail to majordomo@FreeBSD.org >with "unsubscribe freebsd-stable" in the body of the message -------signature file------- PGP Key Fingerprint: 446B 7718 B219 9F1E 43DD 8E4A 6BE9 D739 CCC5 7FD7 Available from ldap://certserver.pgp.com "I don't think [Linux] will be very successful in the long run." "My experience and some of my friends' experience is that Linux is quite unreliable. Microsoft is really unreliable but Linux is worse." -Ken Thompson, Interview May 1999. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message