Fwd: IPF (ftp - pkg_add) help requested

Kelly D. Grills kdgrills at the-grills.com
Fri Mar 2 01:49:33 UTC 2007

On Thu, Mar 01, 2007 at 04:10:11PM -0500, Don Munyak wrote:
> My server was opening an additional session using ports > 1024, which
> I was not initially allowing.  ipf was blocking outbound due to this
> rule. This is a known issue with ftp client sessions using active mode
> when behind a firewall.

As I hinted at in my original response, If you'd rather keep your
firewall rules tighter, pkg_add(1) says:

Note: If you wish to use passive mode ftp in such transfers, set
the variable FTP_PASSIVE_MODE to some value in your environment.

Otherwise, the more standard ACTIVE mode may be used.  If pkg_add
consistently fails to fetch a package from a site known to work,
it may be because you have a firewall that demands the usage of
passive mode ftp.

Kelly D. Grills
kdgrills at the-grills.com

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 243 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-questions/attachments/20070302/5511b174/attachment.pgp

More information about the freebsd-questions mailing list