Date: Tue, 17 Jun 2003 09:08:07 -0400 From: Bill Moran <wmoran@potentialtech.com> To: Andrew Thomson <ajthomson@optushome.com.au> Cc: freebsd-questions@freebsd.org Subject: Re: restrictive ipfw ruleset and ftp Message-ID: <3EEF12B7.8040208@potentialtech.com> In-Reply-To: <20030617121346.GA80594@athomson.prv.au.itouchnet.net> References: <20030617121346.GA80594@athomson.prv.au.itouchnet.net>
next in thread | previous in thread | raw e-mail | index | archive | help
Andrew Thomson wrote: > any suggestions would be great. > > i have a restrictive ipfw ruleset that works great.. it only allows > incoming connections that i allow and outgoing connections allow. i have > a list of ports that i let my users go out on: 80, 22, 143, 443 etc > etc.. > > All the stuff they might need to do. > > how can i handle passive ftp though? > > i can let 21 out, but when the remote ftp server says use this x high > port.. i block that because it's not in my list. so what can i do to get > around this.. > > not totally familiar with it, but is this what fw_punch is for within > nat?? That's what it's designed for. I've never used it so I can't verify how well it works. -- Bill Moran Potential Technologies http://www.potentialtech.com
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3EEF12B7.8040208>