From owner-freebsd-ipfw@FreeBSD.ORG Thu Sep 7 21:17:10 2006 Return-Path: X-Original-To: freebsd-ipfw@freebsd.org Delivered-To: freebsd-ipfw@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 8526116A4DD for ; Thu, 7 Sep 2006 21:17:10 +0000 (UTC) (envelope-from admin2@enabled.com) Received: from typhoon.enabled.com (typhoon.enabled.com [216.218.220.21]) by mx1.FreeBSD.org (Postfix) with ESMTP id 0C06F43D72 for ; Thu, 7 Sep 2006 21:17:03 +0000 (GMT) (envelope-from admin2@enabled.com) Received: from [172.24.241.5] (natint3.juniper.net [66.129.224.36]) (authenticated bits=0) by typhoon.enabled.com (8.13.8/8.13.8) with ESMTP id k87LH3SM055321 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Thu, 7 Sep 2006 14:17:03 -0700 (PDT) (envelope-from admin2@enabled.com) Message-ID: <45008C28.3000807@enabled.com> Date: Thu, 07 Sep 2006 14:16:24 -0700 From: Noah User-Agent: Thunderbird 1.5.0.5 (Macintosh/20060719) MIME-Version: 1.0 To: freebsd-ipfw@freebsd.org Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-Content-Filtered-By: Mailman/MimeDel 2.1.5 Subject: rc.firewall rule for passive FTP from FTP server side X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 07 Sep 2006 21:17:10 -0000 It appears that FTP clients using FTP are not able to interact passively with my FTP server. I am wondering if there is a rule somebody could point me to that works rather well. ${ip} is the IP address fo the server (not the client). this does not work. ---- snip ---- #/** Allow setup of FTP PASSIVE **/ ${fwcmd} add allow tcp from ${ip} to any 1024-65534 keep-state ${fwcmd} add allow tcp from ${ip} to any 21 keep-state --- snip ---- cheers, Noah