Date: Thu, 15 Apr 1999 10:08:15 +0200 (MET DST) From: Martin Machacek <mm@i.cz> To: freebsd-security@FreeBSD.ORG Subject: Re: IPFilter? Message-ID: <XFMail.990415100815.mm@i.cz> In-Reply-To: <Pine.BSF.4.10.9904142145080.23986-100000@madeline.boneyard.lawrence.ks.us>
index | next in thread | previous in thread | raw e-mail
On 15-Apr-99 Stephen D. Spencer wrote: > On Wed, 14 Apr 1999, Brendan Conoboy wrote: > >> [...] >> Speaking of which, is anybody using ipfilter's ftp proxy successfully? I >> have successful kernel panics, but the delight in this is fleeting. >> > > And so it goes with the version integrated with FreeBSD (3.2.7 I believe) > > I am current running 3.2.11b4 with the ftp proxy successfully in use. > (see http://cheops.anu.edu.au/~avalon/ip-filter.html) I've had also troubles using transparent proxing with IPFilter 3.2.10 and FWTK v 2 (with appropriate patches) on FreeBSD 2.2.8. In every case the ioctl on /dev/ipl trying to read the original target address failed. I've tried multiple configurations of ipnat rules with no success. I pretty much sure that I've tried everything reasonable. The built in FTP proxy didn't work either except for passive mode transfers (that was actually the reason why I was experimenting with ftp-gw from FWTK). I would very much like to use IPFilter instead of ipfw because of it's (IMO) better filtering capabilities and kernel implementation of NAT but the problem with FTP is a clear show stopper. Don't you know whether it works with 3.2.11b4? Martin --- [PGP KeyID F3F409C4] To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the messagehelp
Want to link to this message? Use this
URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?XFMail.990415100815.mm>