misc/132553: ipfw doesnt understand ftp-data port
Maxim Konovalov
maxim at macomnet.ru
Wed Mar 11 11:10:04 PDT 2009
The following reply was made to PR misc/132553; it has been noted by GNATS.
From: Maxim Konovalov <maxim at macomnet.ru>
To: Chistoph Weber-Fahr <cwf-ml at arcor.de>
Cc: bug-followup at freebsd.org
Subject: Re: misc/132553: ipfw doesnt understand ftp-data port
Date: Wed, 11 Mar 2009 21:04:09 +0300 (MSK)
> >Description:
> this ipfw clause should work and did work on older systems:
>
> # ipfw add 1770 allow tcp from any to any ftp-data keep-state
>
> but now it produces
>
> ipfw: unrecognised option [-1] ftp-data
>
> this is regardless of the addresses used - you could also use any addresses or networks instead of "any".
>
> ftp-data is in /etc/services as always:
>
> # grep ftp-data /etc/services
> ftp-data 20/tcp #File Transfer [Default Data]
> ftp-data 20/udp #File Transfer [Default Data]
>
>
$ ipfw -n add 1770 allow tcp from any to any ftp\\-data keep-state
01770 allow tcp from any to any dst-port 20 keep-state
works for me.
--
Maxim Konovalov
More information about the freebsd-bugs
mailing list