Date: Wed, 5 Feb 2020 17:26:44 -0600 From: Doug McIntyre <merlyn@geeks.org> To: freebsd-questions@freebsd.org Subject: Re: ipfw for udp on FreeBSD 12.1? Message-ID: <20200205232644.GA15914@geeks.org> In-Reply-To: <CAEW8WPvyNLz%2Bwthr7aBPwTb9wh=E3skm2Qy2pS2BK0QcXN_MMg@mail.gmail.com> References: <CAEW8WPvyNLz%2Bwthr7aBPwTb9wh=E3skm2Qy2pS2BK0QcXN_MMg@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, Feb 06, 2020 at 12:21:10AM +0300, Andreas X wrote: > I use ipfw with options such as: firewall_type="workstation" and > firewall_myservices="21 22 80 443" for my server via rc.conf file. > > I need to add an UDP port range to allow, for vsftpd (PASV). However ipfw > doesn't has any settings as I heard and "firewall_myservices" only supports > TCP ports. Any idea how to manage that issue? Other than the answer about your UDP services.. Are you sure the vsftpd PASV mode requires UDP? That would be abnormal. Normally passive mode with vsftpd (or any FTP server) requires TCP, and opening up the firewall to allow the range of TCP ports you have specified in the vspftd.conf file. It is only some of the experimental accelerated file transfer protocols that start playing with spraying UDP packets.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20200205232644.GA15914>