[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Start up scripts

Hello,

> Where is the FTP-DATA module and why does it need to be refreshing the
> Control connection....why doesn't the control connection refresh
> itself?

I was talking about masqueraded connections (or statefull packet filters).
Both tend to clear connections from the memory table after some amount of
inactivity. If you transfer large files, then during the transfer over the
data connection there is usually no data running accross the control
connection. Generally this means the Firewall will timeout the control
connection during the transfer. The FTP programm will barf at the end of the
data transfer if it tries to go back to the control stream. This is not a
problem for simple packet filters, but I'm not surer if a simple packet
filter is state of the art for a good firewall.

Greetings
Bernd

-- 
  (OO)      -- Bernd_Eckenfels@Wendelinusstrasse39.76646Bruchsal.de --
 ( .. )  ecki@{inka.de,linux.de,debian.org} http://home.pages.de/~eckes/
  o--o     *plush*  2048/93600EFD  eckes@irc  +497257930613  BE5-RIPE
(O____O)       If privacy is outlawed only Outlaws have privacy


--
E-mail the word "unsubscribe" to debian-firewall-request@lists.debian.org
TO UNSUBSCRIBE FROM THIS MAILING LIST. Trouble?  E-mail to listmaster@debian.org .
Reply to: