I must have been missing something. 

So when a client goes into PASV mode (like all web browsers do), it then
attempts a <CLIENT:*> to <SERVER:*> connection? Unlike non-PASV mode, which
would open up a <SERVER:ftp-data> to <CLIENT:*> connection. Correct? This is
good for NAT and Masquerading, but what about firewalls?

So, you have to open up all ports > 1024 on your ftp server incoming from
the outside? Just to support PASV. Of course, with normal connection, at
least you can open them up only to ftp-data sourced packets.

Is that true? What's the tightest (and fully functional) firewall rules for
ftp servers?


G'day!
--                                             n i c h o l a s  j  l e o n
elegance through simplicity*http://mrnick.binary9.net*[EMAIL PROTECTED]
good fortune through truth*roaming:[EMAIL PROTECTED]*ICQ#2170994*U+($++)
TRA#6805*not all questions have answers*pseudogeek:P+++($++)L+($++)W=lm@b9
trust no-one with an iq under 150*understand yourself before trying others
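
Added example, not part of the original post: the data port in either mode is announced on the control channel (the server's `227` reply for PASV, the client's `PORT` command otherwise), so a filter that reads that channel can permit one connection per transfer instead of every port above 1024. This goes beyond the question as asked; the function names, the address/port policy check and the sample addresses are assumptions made for illustration.

```python
import re

SIX = r"(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3})"
PASV_REPLY = re.compile(r"^227 .*?" + SIX)              # server -> client (RFC 959)
PORT_CMD = re.compile(r"^PORT " + SIX + r"\s*$", re.I)  # client -> server

# Constructed sample addresses (documentation ranges), not from the post.
CLIENT, SERVER = "198.51.100.7", "192.0.2.10"

def _endpoint(groups):
    """Decode h1,h2,h3,h4,p1,p2 into (ip, port); None if any field exceeds 255."""
    nums = [int(g) for g in groups]
    if max(nums) > 255:
        return None
    return ".".join(str(n) for n in nums[:4]), nums[4] * 256 + nums[5]

def expected_data_conn(line, client_ip, server_ip):
    """Return (src_ip, src_port, dst_ip, dst_port) announced by one control
    line, or None. A src_port of None means any client source port."""
    for regex, owner, peer, src_port in (
        (PASV_REPLY, server_ip, client_ip, None),  # PASV: client connects in
        (PORT_CMD, client_ip, server_ip, 20),      # active: server connects from ftp-data
    ):
        m = regex.match(line)
        if not m:
            continue
        ep = _endpoint(m.groups())
        # Policy assumption: the announced address must belong to the
        # control-channel peer itself and the port must be unprivileged.
        if ep is None or ep[0] != owner or ep[1] < 1024:
            return None
        return (peer, src_port, owner, ep[1])
    return None

def permitted(attempt, expectations):
    """True if attempt (src_ip, src_port, dst_ip, dst_port) matches a pinhole."""
    return any(
        (attempt[0], attempt[2], attempt[3]) == (e[0], e[2], e[3])
        and e[1] in (None, attempt[1])
        for e in expectations
    )
```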
