$ grep 20/tcp /etc/services ftp-data 20/tcp Port 20 is ftp-data. This is the port that a FTP data connection should originate from.
What you are seeing in the logs are ftp.freebsd.org trying to open an inbound ftp data connection to you, probably for a directory listing or a file transfer. If you enable ipfilters transparent FTP proxy it will let those connections through AFAIK. Otherwise you could just set your ftp program to active mode instead and all ftp-data connections will originate from you. I would suggest not opening for all hosts with an originating port of 20. That would make you firewall wide-open. -km On 25/07, [EMAIL PROTECTED] wrote: > Hi all, > trying to download data from ftp server i see IP FILTER blocking > the following packages. Here I did ftp ftp.freebsd.org ... then ls > > 25/07/2007 16:27:18.432046 rl0 @0:22 b MYIP,51363 -> > 204.152.184.73,10478 PR tcp len 20 64 -S OUT > > 25/07/2007 16:27:18.782176 rl0 @0:12 b 204.152.184.73,20 -> MYIP,64082 > PR tcp len 20 64 -S IN > > This port 20 is a TCP warning service, right? > Is it ok to open it for all hosts? > And what was blocked from my client (first package above) trying > to conect to port 10478? > > > > Thanks in advance for any tip ...
