From owner-freebsd-security  Thu Jun 14 23:36:50 2001
Delivered-To: freebsd-security@freebsd.org
Received: from mail1.home.nl (mail1.home.nl [213.51.129.225])
	by hub.freebsd.org (Postfix) with ESMTP id 97A8137B403
	for <freebsd-security@FreeBSD.ORG>; Thu, 14 Jun 2001 23:36:42 -0700 (PDT)
	(envelope-from nascar24@home.nl)
Received: from windows ([213.51.193.168]) by mail1.home.nl
          (InterMail vM.4.01.03.00 201-229-121) with SMTP
          id <20010615063641.ULJS22865.mail1.home.nl@windows>;
          Fri, 15 Jun 2001 08:36:41 +0200
Message-ID: <04c901c0f565$a8588750$0900a8c0@windows>
From: "Marcel Dijk" <nascar24@home.nl>
To: "Crist Clark" <crist.clark@globalstar.com>,
	"Peter Pentchev" <roam@orbitel.bg>
Cc: "Igor Roshchin" <str@giganda.komkon.org>,
	<freebsd-security@FreeBSD.ORG>
References: <046b01c0f4e8$a32a9200$0900a8c0@windows> <200106141559.LAA90429@giganda.komkon.org> <20010614194556.A729@ringworld.oblivion.bg> <3B28EBA0.42917E22@globalstar.com>
Subject: Re: IPFW almost works now -> stateful rules
Date: Fri, 15 Jun 2001 08:37:32 +0200
MIME-Version: 1.0
Content-Type: text/plain;
	charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 5.00.2919.6700
X-MimeOLE: Produced By Microsoft MimeOLE V5.00.2919.6700
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-security.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo?subject=subscribe%20freebsd-security>
List-Unsubscribe: <mailto:majordomo?subject=unsubscribe%20freebsd-security>
X-Loop: FreeBSD.org

> > On Thu, Jun 14, 2001 at 11:59:28AM -0400, Igor Roshchin wrote:
> > >
> > >
> > > If those rules are all rules you have,
> > > and I didn't miss any line,
> > > no ftp would be allowed to go through, since
> > > there is no rule for the port 21.
> > > Aren't you mixing something ? ftp is at port 21.
> > > Port 22 is ssh.
> > > (Check /etc/services)
> > >
> > > However, I am puzzled, how do you manage to establish the initial
connect
> > > at all.
> >
> > This has been discussed before: his FTP server is listening on a high
port.
>
> But his tcpdump(8) output indicates the 'ftp' port is being used...
> I hope he didn't edit /etc/services (yee-uck).

Yes I did, I commented the original line out and typed in a new one with my
own port.

Marcel


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message