[prev in list] [next in list] [prev in thread] [next in thread] 

List:       freebsd-security
Subject:    Re: IPF rule response
From:       "Karsten W. Rohrbach" <karsten () rohrbach ! de>
Date:       2001-06-24 16:11:57
[Download RAW message or body]

Kris Anderson(ohshutup@zdnetmail.com)@2001.06.22 15:03:12 +0000:
> Howdy folks,
> 
> I've got a rule in my ipf that is reporting the following to syslog
> 
> <private_if>: <2>Jun 22 14:51:34 /kernel: ipfw: 3 Deny TCP 195.224.212.72:21
> <public_if>:21 in via rl0
> 
> I have limited understanding but it looks like that some bonehead on
> the 195. network is doing some sort of goofy ftp thing to my public_if,
> almost as if it was ftp relaying.
> 
> Could somebody unconfuse me as to what this means?

it seems that you are mixing up ipf (ipfilter) and ipfw in the first
place. a properly configured ipfilter with ftp in-core proxy for keeping
state on the sessions would solve it i think.

/k

-- 
> "In Christianity neither morality nor religion come into contact with
> reality at any point." --Friedrich Nietzsche
KR433/KR11-RIPE -- WebMonster Community Founder -- nGENn GmbH Senior Techie
http://www.webmonster.de/ -- ftp://ftp.webmonster.de/ -- http://www.ngenn.net/
karsten&rohrbach.de -- alpha&ngenn.net -- alpha&scene.org -- catch@spam.de
GnuPG 0x2964BF46 2001-03-15 42F9 9FFF 50D4 2F38 DBEE  DF22 3340 4F4E 2964 BF46
Please do not remove my address from To: and Cc: fields in mailing lists. 10x

[Attachment #3 (application/pgp-signature)]
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message


[prev in list] [next in list] [prev in thread] [next in thread]