-----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of dick hoogendijk Sent: Tuesday, January 25, 2005 2:39 PM To: freebsd-questions@freebsd.org Subject: ipf rules for ftp server
I read the handbook and googled, but am still confused on the right rules for my FTP server. I use ipf. My ftp section in /etc/ipf.rules now is: # FTP server out pass out quick on rl0 proto tcp from any to any port = 21 flags S keep state pass out quick on rl0 proto tcp from any to any port > 1024 flags S keep state # Allow in FTP from the Internet pass in quick on rl0 proto tcp from any to any port = 21 flags S keep state pass in quick on rl0 proto tcp from any to any port = 20 flags S keep state ## end I don't feel these are right. But maybe they are. Can somebody give me advice on this? The ftp server needs to be up-and-running asap; my children want to update there webpages ;-) -- dick -- http://www.nagual.st/ -- PGP/GnuPG key: F86289CE ++ Running FreeBSD 4.10 ++ Debian GNU/Linux (Woody) + Nai tiruvantel ar vayuvantel i Valar tielyanna nu vilja _______________________________________________ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]" Hello, Something like this would work: pass in quick on rl0 proto tcp from any to any port 50000 >< 51000 flags S keep state #PASV FTP pass in quick on rl0 proto tcp from any to any port = 21 #FTP ACTIVE Also if you need passive ftp working you'll need to specify the passive port range in ftp server config.(pure-ftpd.conf: PassivePortRange = 50000 51000) Best regards, Andras Kende http://www.kende.com _______________________________________________ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"
