Date: Sat, 18 Dec 2004 10:10:33 -0300 (ART) From: Fernando Gleiser <fgleiser@cactus.fi.uba.ar> To: wsx <security@noc.kstu-kai.ru> Cc: freebsd-security@freebsd.org Subject: Re: Active ftp connection Message-ID: <20041218100553.K71541@cactus.fi.uba.ar> In-Reply-To: <200412181518.55782.security@noc.kstu-kai.ru> References: <200412181518.55782.security@noc.kstu-kai.ru>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sat, 18 Dec 2004, wsx wrote: > Hello dear friends... > > I have a trouble. My FTP server must have an active ftp connection. > It means what in ipfw rules I must allow outgoing connections(like ipfw add > allow tcp from me to any keep-state). > But I don't want use this rule. I want to restrict my outgoing connections. Is Active FTP-data goes from server IP:port 20 to client IP:random port. You don't need to open ALL ourgoing traffic, just those coming from port 20 on your ftp server. Fer
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20041218100553.K71541>