netbsd-users: Allowing FTP via a ipfilter firewall

Subject: Allowing FTP via a ipfilter firewall
To: None <netbsd-users@netbsd.org>
From: Phil Pereira <freeserver@wintellect.co.uk>
List: netbsd-users
Date: 05/10/2003 18:40:59

Am trying out ipfilter on my NetBSD box via my LAN. It seems to be running fine, however, when connecting via ftp, I can log in, but it refuses to let me get a file or "ls" - it just hangs. If I FTP into the box from itself, all works fine 

Here's what my ipf.conf says for ftp:

code:

pass in quick on ex0 proto tcp from any to any port = ftp keep state
pass in quick on ex0 proto tcp from any to any port = ftp-data keep state
pass in quick on ex0 proto tcp from any port = ftp-data to any port > 1023 keep state

I got all the info from the "security" section of NetBSD's docummentation.

Thanks

-- 
Phil.
---------------------------------------------------
                                           (_ )
UNIX is "user-friendly",                \\\", ) ^
it's just picky about its friends!        \/, \(
                                         cXc_/_)
---------------------------------------------------