ip_masq_ftp.o and passive ftp

To: debian-firewall@lists.debian.org
Subject: ip_masq_ftp.o and passive ftp
From: Michael Meskes <meskes@debian.org>
Date: Fri, 21 Jan 2000 13:42:33 +0100
Message-id: <[🔎] 20000121134233.A3335@fam-meskes.de>
Mail-followup-to: debian-firewall@lists.debian.org

Could anyone tell me why the module contains code for passive ftp? Active
ftp won't work without rewriting the port command, but why is the passive
port command rewritten as well? The connection is possible without the
rewriting. 

Or is this used for running an ftp server INSIDE the firewall? 

I don't like the idea of loading a module that allows the people inside to
use active ftp. If I do need the module I have to block the backward
connection in my rule system.

Michael
-- 
Michael Meskes                         | Go SF 49ers!
Th.-Heuss-Str. 61, D-41812 Erkelenz    | Go Rhein Fire!
Tel.: (+49) 2431/72651                 | Use Debian GNU/Linux!
Email: Michael@Fam-Meskes.De           | Use PostgreSQL!

Reply to:

Follow-Ups:
- Re: ip_masq_ftp.o and passive ftp
  - From: Bernd Eckenfels <lists@lina.inka.de>

Prev by Date: Re: config replication
Next by Date: Re: ip_masq_ftp.o and passive ftp
Previous by thread: Re: config replication
Next by thread: Re: ip_masq_ftp.o and passive ftp
Index(es):
- Date
- Thread