ipfw statefull ruleset problem

Lowell Gilbert freebsd-questions-local at be-well.ilk.org
Sun Jan 30 07:45:52 PST 2005

"Gerard Meijer" <gmeijer at palmweb.nl> writes:

> But I learned that that is not the right way to do this in a
> statefull ruleset, because the dynamic rules don't have any use in
> this way. So what is the right way to solve this?

Don't do FTP?  Use an FTP proxy that knows how to work around the
firewall?  FTP was designed for an Internet with end-to-end
connectivity, which you're breaking by putting in a packet filter in
the first place...

More information about the freebsd-questions mailing list