From owner-freebsd-questions@FreeBSD.ORG  Mon Jan  2 18:59:29 2006
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
X-Original-To: questions@FreeBSD.org
Delivered-To: freebsd-questions@FreeBSD.ORG
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id A1A9916A41F
	for <questions@FreeBSD.org>; Mon,  2 Jan 2006 18:59:29 +0000 (GMT)
	(envelope-from dan@ferrarishields.com)
Received: from mail.ferrarishields.com (mail.ferrarishields.com
	[216.82.146.20])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 59DAA43D49
	for <questions@FreeBSD.org>; Mon,  2 Jan 2006 18:59:29 +0000 (GMT)
	(envelope-from dan@ferrarishields.com)
Received: from danco (pptp0 [10.70.153.100])
	by mail.ferrarishields.com (Postfix) with SMTP id EDB297301A;
	Mon,  2 Jan 2006 10:59:26 -0800 (PST)
Message-ID: <00d501c60fce$a5289e20$029a460a@danco>
From: "Dan O'Connor" <dan@ferrarishields.com>
To: "zhane H" <zhane1@gmail.com>,
	<questions@FreeBSD.org>
References: <54103ab80601011739u1c7deb6as330b65208011424d@mail.gmail.com>
Date: Mon, 2 Jan 2006 10:59:22 -0800
MIME-Version: 1.0
Content-Type: text/plain; format=flowed; charset="iso-8859-1";
	reply-type=original
Content-Transfer-Encoding: 7bit
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2900.2670
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2670
Cc: 
Subject: Re: IPFW> FTP
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Mon, 02 Jan 2006 18:59:29 -0000

> i had a minor question/concern i was wondering why does the firewall
> rulesets have permissions for everything, and help for running almosty
> anything and how to open and wich port to open but yet it has no exmpale
> ruleset or any help for using a FTP while using a firewall such as IPFW. 
> it
> has no help in the handbook period. on how to use ftp while using IPFW


While the default IPFW ruleset will let you make outgoing TCP connections on 
any port, including outbound FTP control on port 21, you need to open port 
20 inbound to set up the data channel:

        ${fwcmd} add pass tcp from any 20 to any 1024-65535 setup

If you are running an FTP server that you want to be able to access from the 
outside, you'll also need:

        ${fwcmd} add pass log tcp from any to any 21 in via ${oif} setup

~Dan

--
Dan O'Connor
FreeBSD Cheat Sheets
    http://www.mostgraveconcern.com/freebsd/