Re: iptables w/2.4 kernels

To: Robert Bartels <rbartels@qx.net>
Cc: debian-security@lists.debian.org
Subject: Re: iptables w/2.4 kernels
From: "Sander Smeenk \(CistroN Medewerker\)" <ssmeenk@cistron.nl>
Date: Thu, 19 Apr 2001 15:31:26 +0200
Message-id: <20010419153126.A14045@cistron.nl>
In-reply-to: <MGEDJOMNEECFEHABEGMFGECPCMAA.rbartels@qx.net>; from rbartels@qx.net on Thu, Apr 19, 2001 at 08:56:00AM -0400
References: <MGEDJOMNEECFEHABEGMFGECPCMAA.rbartels@qx.net>

Quoting Robert Bartels (rbartels@qx.net):

> I don't see how this can be done if the ftp server doesn't support anonymous
> logins or
> fpx xfers...

For all I know you don't even have to log in to the ftp server...
If you just connect and send a PORT commando, the iptables ftp-connection
tracking will notice this, and will add a rule to accept connections on
the ports specified in the PORT commando..

You only have about 10 or more seconds to connect to the port, before the 
rule will expire... 

Regards,
sander.

-- 
| Wie zichzelf spaart is al snel 'n postzegel
|     -- Loesje

Reply to:

References:
- iptables w/2.4 kernels
  - From: "Robert Bartels" <rbartels@qx.net>

Prev by Date: iptables w/2.4 kernels
Next by Date: Re: iptables w/2.4 kernels
Previous by thread: iptables w/2.4 kernels
Next by thread: Re: iptables w/2.4 kernels
Index(es):
- Date
- Thread