From owner-freebsd-security  Mon Oct  2 11: 8:20 2000
Delivered-To: freebsd-security@freebsd.org
Received: from eastwood.aldigital.algroup.co.uk (eastwood.aldigital.algroup.co.uk [194.128.162.193])
	by hub.freebsd.org (Postfix) with ESMTP id A79EA37B502
	for <security@FreeBSD.ORG>; Mon,  2 Oct 2000 11:03:47 -0700 (PDT)
Received: from algroup.co.uk ([193.195.56.225]) by eastwood.aldigital.algroup.co.uk (8.8.8/8.6.12) with ESMTP id RAA04978; Mon, 2 Oct 2000 17:59:21 GMT
Message-ID: <39D8CCF8.85E7C655@algroup.co.uk>
Date: Mon, 02 Oct 2000 18:59:20 +0100
From: Adam Laurie <adam@algroup.co.uk>
Organization: A.L. Group plc
X-Mailer: Mozilla 4.72 [en] (Win95; U)
X-Accept-Language: en
MIME-Version: 1.0
To: Buliwyf McGraw <buliwyf@libertad.univalle.edu.co>
Cc: security@FreeBSD.ORG
Subject: Re: NATD and ipf
References: <Pine.BSF.4.21.0010021213030.84700-100000@libertad.univalle.edu.co>
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

Buliwyf McGraw wrote:
> 
>  Hello... i have a question for you:
> 
>  When im doing NATD for an intranet, using ipf and ipnat... i might use
>  special rules for the ftp service???
>  I mean, from my subnet with invalid IP i can access all services from
>  Internet; everything BUT not ftp.
>  Why it could be???

you need to run your ftp client in passive mode.

cheers,
Adam
--
Adam Laurie                   Tel: +44 (20) 8742 0755
A.L. Digital Ltd.             Fax: +44 (20) 8742 5995
Voysey House                  http://www.thebunker.net
Barley Mow Passage            http://www.aldigital.co.uk
London W4 4GB                 mailto:adam@algroup.co.uk
UNITED KINGDOM                PGP key on keyservers


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message