I'm adminning a gauntlet 5.0 box. We've got a user who is trying to do a "proxy open". Near as I can tell, this involves host A opening up two FTP connections, one on his side of the firewall to host B and one to host X on the other side of the firewall through ftp-gw, and sending commands to B and ftp-gw to try to get them to send data directly to each other. Our old DEC SEAL allowed this. Gauntlet isn't allowing it. Of course, that's probably because allowing it is insecure, given that a proxy get/send looks to the firewall like some sort of bizarre bounce attack. But the user can't easily change his application, so I'm looking into configging gauntlet for allowing this anyway, at least temporarily. Preferably just for this one source-ip. Is there some way to do this? Thanks! - Morty - [To unsubscribe, send mail to [EMAIL PROTECTED] with "unsubscribe firewalls" in the body of the message.]
