proftpd/ipfw issues
Nelis Lamprecht
nelis at brabys.co.za
Fri May 30 02:27:12 PDT 2003
Hi Oliver,
Thanks for your reply. I do not block any out going tcp or udp traffic
as this machine is used only by myself. For that I have the following
rules:
$fwcmd add 00303 allow tcp from any to any out setup keep-state
$fwcmd add 00405 allow udp from any to any out
Do you think the setup keep-state could be causing a problem? Thanks for
making the point on my subnet, I have changed that accordingly.
Kind regards,
Nelis
ps. I am not subscribed to the list so please send answers to me
directly.
>> allow tcp from any to x.x.x.x/24 20,21,22,25,53,80,443 setup
>On ACTIVE FTP, the client initiate the connection to the port 21, but
the server initiate the connection from the port 20.
>So you should open the port 20 with a rule like:
>allow tcp from x.x.x.x/24 20 to any setup
>Beside, if you have only one server on your network, why opening
>incoming ftp to all the subnet?
>Olivier
More information about the freebsd-questions
mailing list