Re: passive mode ftp server, need stateful ipfw rule.

On Tue, Dec 10, 2002 at 01:40:43PM -0500, Peter Brezny wrote: > How do you adjust the range of random tcp ports chosen if you are using the > stoc ftpd that comes with freebsd. sysctl net.inet.ip.portrange.hifirst and .hilast, set by default to 49152 and 65535. The ftpd manpage is slightly mislea

RE: passive mode ftp server, need stateful ipfw rule.

tion terminates. Thanks again. Peter Brezny Skyrunner.net -Original Message- From: Vincent Jardin [mailto:[EMAIL PROTECTED]] Sent: Tuesday, December 10, 2002 3:32 AM To: Barney Wolff; Peter Brezny Cc: Orville R. Weyrich_Jr; [EMAIL PROTECTED] Subject: Re: passive mode ftp server, need sta

Re: passive mode ftp server, need stateful ipfw rule.

arn't you sort of setting yourself up. Couldn't someone establish a > > valid connection to a valid port, then, have a field day? > > > > TIA > > > > Peter Brezny > > Skyrunner.net > > > > > > -Original Message- > > From:

Re: passive mode ftp server, need stateful ipfw rule.

f up. Couldn't someone establish a valid > connection to a valid port, then, have a field day? > > TIA > > Peter Brezny > Skyrunner.net > > > -Original Message- > From: Orville R. Weyrich_Jr [mailto:[EMAIL PROTECTED]] > Sent: Monday, December 09, 200

RE: passive mode ftp server, need stateful ipfw rule.

ay, December 09, 2002 4:55 PM To: Peter Brezny Cc: [EMAIL PROTECTED] Subject: Re: passive mode ftp server, need stateful ipfw rule. Isn't that what ESTABLISHED is used for? On Mon, 9 Dec 2002, Peter Brezny wrote: > Is it possible to create an ipfw ruleset for an ftp server in passive mode &

passive mode ftp server, need stateful ipfw rule.

Is it possible to create an ipfw ruleset for an ftp server in passive mode that figures out which random port the ftp server is going to open to only allow the client that initiated the connection to connect to that port? Since the client initiates it's data connection from a random port to the n