Re: [lug-nuts] attn Rick - PMFirewall Question

From: Michael Long (mlong@ns.net)
Date: Fri Jan 07 2000 - 10:49:45 PST

Next message: Lancashire, Andrew: "RE: [lug-nuts] attn Rick - PMFirewall Question"
Previous message: Mike Machado: "Re: [lug-nuts] attn Rick - PMFirewall Question"
In reply to: Mike Machado: "Re: [lug-nuts] attn Rick - PMFirewall Question"
Next in thread: Lancashire, Andrew: "RE: [lug-nuts] attn Rick - PMFirewall Question"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Negotiation is on 20 and for regualar ftp data is passed over port 21.
When I've done a snoop with passive ftp (using ftp in netscape) the data
port is opened up above 1024 with a different port each time. So if I was
really anal and blocked EVERY port and only wanted ftp through my firewall
ftp with netscape wouldn't work.

Michael

On Fri, 7 Jan 2000, Mike Machado wrote:

>
>
> On Fri, 7 Jan 2000, Michael Long wrote:
>
> > How do you plan on letting passive ftp though? The return packets open up
> > a new port above 1024 and it's random every time.
> >
>
> But the destination is aways the same. port 20.
>
> > Michael
> >
> > On Fri, 7 Jan 2000, Rick Johnson wrote:
> >
> > >
> > > Hi Adam,
> > >
> > > > Will PMFirewall let me do port fowarding? I've used ipmasqadm in the
> > > > past and it worked well...wouldn't let passive FTP through :<
> > >
> > > The quick answer is no, not yet. But it is possible to add it in manually.
> > > Feel free to email me privately and we can talk about it.
> > >
> > > - Rick
> > >
> > > ****************************************************************************
> > > * To UNSUBSCRIBE from the list, send a message with "unsubscribe lug-nuts"
> > > * in the message body to majordomo@saclug.org. Please direct other
> > > * questions, comments, or problems to lug-nuts-owner@saclug.org.
> > >
> >
> > ****************************************************************************
> > * To UNSUBSCRIBE from the list, send a message with "unsubscribe lug-nuts"
> > * in the message body to majordomo@saclug.org. Please direct other
> > * questions, comments, or problems to lug-nuts-owner@saclug.org.
> >
>
> Mike Machado
> mike@innercite.com
> InnerCite
> Network Specialist
>
> ****************************************************************************
> * To UNSUBSCRIBE from the list, send a message with "unsubscribe lug-nuts"
> * in the message body to majordomo@saclug.org. Please direct other
> * questions, comments, or problems to lug-nuts-owner@saclug.org.
>

****************************************************************************
* To UNSUBSCRIBE from the list, send a message with "unsubscribe lug-nuts"
* in the message body to majordomo@saclug.org. Please direct other
* questions, comments, or problems to lug-nuts-owner@saclug.org.

Next message: Lancashire, Andrew: "RE: [lug-nuts] attn Rick - PMFirewall Question"
Previous message: Mike Machado: "Re: [lug-nuts] attn Rick - PMFirewall Question"
In reply to: Mike Machado: "Re: [lug-nuts] attn Rick - PMFirewall Question"
Next in thread: Lancashire, Andrew: "RE: [lug-nuts] attn Rick - PMFirewall Question"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b29 : Fri Feb 11 2000 - 16:20:23 PST