Date: 17 Dec 2002 10:27:07 -0500 From: Dan Pelleg <daniel+bsd@pelleg.org> To: hawkeyd@visi.com Cc: "questions at FreeBSD" <freebsd-questions@freebsd.org> Subject: Re: jailed ftpd behind NAT'ing firewall: ftphosts? Message-ID: <u2s4r9cis38.fsf@gs166.sp.cs.cmu.edu> In-Reply-To: <20021209102243.A40506@sheol.localdomain> References: <20021209102243.A40506@sheol.localdomain>
next in thread | previous in thread | raw e-mail | index | archive | help
D J Hawkey Jr <hawkeyd@visi.com> writes: > Hi all. > > I want to set up a jailed FTP server on a box inside a private LAN, > accessable to the outside. It all looks straight-forward enough, using > a column on DaemonNews (http://ezine.daemonnews.org/200212/ftpjail.html) > as a guildline, except that I want to use FreeBSD's ftpd(8). > > Reading the ftpd(8) man page, it seems I need to employ /etc/ftphosts, > but try as I might, I can't find an example of /etc/ftphosts. > > The private network is 192.168.16.0/24. The public IP to my LAN is, > say, 208.42.236.15. Do I need /etc/ftphosts to reflect the public IP, > or does jail(8) handle this for me, or what? > I don't think you need a ftphosts in this case. But I have no experience with it. It seems the jail should give you all the hiding you'd want, and that the jailed host doesn't account as a system that "has multiple IP addresses". > Even if I don't need /etc/ftphosts, could someone post an example? I > find the man page sufficiently vague as to the actual contents, the > user field in particular. It seems to me this is something I should > just know. > Again, this is just a guess, but in my understanding a file with a single line that looks something like this should work: ftp.mydomain joe - - - -- Dan Pelleg To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?u2s4r9cis38.fsf>