Great Circle Associates Firewalls
(June 1996)
 

Indexed By Date: [Previous] [Next] Indexed By Thread: [Previous] [Next]

Subject: Re: ftp problem
From: eckes <ecki @ lina . inka . de>
Date: Tue, 25 Jun 1996 05:06:13 +0200 (MET DST)
To: firewalls @ GreatCircle . com
In-reply-to: <01BB61C3 . CCAFA240 @ alexf . iss . net> from "Alex Filacchione" at Jun 24, 96 11:53:43 am
Organisation: private Linux Site, Karlsruhe, Germany

Hello,

> You would need to allow incoming connection from the outside port 20, to
> the inside port >1023 (probably excluding the X11 ports).=20

Isnt there a feature in FW1 to generate a temporary allow-rule based on the
Port Command of the Control Connection. I thought thats the strength of FW1
that you can have dynamic and programmable Rules. Isn't there an example for
FTP shiped with the FW1? All I heared about FW1 sounded fine, but now I
wonder why so many ppl have problems with a simple
server-side-initiated-ftp-data-connection.

Greetings
Bernd
-- 
  (OO)      -- Bernd_Eckenfels @
 Wittumstrasse13 .
 76646Bruchsal .
 de --
 ( .. )  ecki @
 lina .
 {inka .
 de,ka.sub.org}  http://home.pages.de/~eckes/
  o--o     *plush*  2048/A2C51749  eckes @
 irc  +4972573817  *plush*
(O____O)       If privacy is outlawed only Outlaws have privacy


References:
Indexed By Date Previous: Re: Secure remote dial-up access
From: Vinci Chou <vkmchou @ HK . Super . NET>
Next: Re: Pilot Network Services
From: Kent Crispin <kent @ bywater . songbird . com>
Indexed By Thread Previous: RE: ftp problem
From: Alex Filacchione <alexf @ iss . net>
Next: one time passwords
From: Gordon Douglass <douglass @ merl . com>

Google
 
Search Internet Search www.greatcircle.com