From owner-freebsd-questions@FreeBSD.ORG Tue Jun 17 05:39:11 2003 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id F128C37B401 for ; Tue, 17 Jun 2003 05:39:11 -0700 (PDT) Received: from malkav.snowmoon.com (malkav.snowmoon.com [209.23.60.62]) by mx1.FreeBSD.org (Postfix) with SMTP id 24B2243FCB for ; Tue, 17 Jun 2003 05:39:11 -0700 (PDT) (envelope-from jaime@snowmoon.com) Received: (qmail 94898 invoked from network); 17 Jun 2003 12:39:10 -0000 Received: from localhost.snowmoon.com (HELO localhost) (127.0.0.1) by localhost.snowmoon.com with SMTP; 17 Jun 2003 12:39:10 -0000 Date: Tue, 17 Jun 2003 08:39:08 -0400 (EDT) From: Jaime To: Andrew Thomson In-Reply-To: <20030617121346.GA80594@athomson.prv.au.itouchnet.net> Message-ID: <20030617083743.G94567@malkav.snowmoon.com> References: <20030617121346.GA80594@athomson.prv.au.itouchnet.net> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII cc: freebsd-questions@freebsd.org Subject: Re: restrictive ipfw ruleset and ftp X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 17 Jun 2003 12:39:12 -0000 On Tue, 17 Jun 2003, Andrew Thomson wrote: > how can i handle passive ftp though? > > i can let 21 out, but when the remote ftp server says use this x high > port.. i block that because it's not in my list. so what can i do to get > around this.. IIRC, FTP sends its replies on TCP port 20. I can't recall if that is port 20 on the remote or local host, though. A little experimentation and you'll probably figure it out. (hint: netstat -nf inet) Good luck, Jaime