tech-net: Re: ipfilter changes in 1.4.2

Subject: Re: ipfilter changes in 1.4.2
To: Darren Reed <darrenr@reed.wattle.id.au>
From: Manuel Bouyer <bouyer@antioche.lip6.fr>
List: tech-net
Date: 04/26/2000 18:20:42

On Thu, Apr 27, 2000 at 12:19:41AM +1000, Darren Reed wrote:
> [...]
> 
> Hmm.  If you do "ipnat -l" whilst the ftp session is "open", you
> see entries besides the rules, correct ?

Yes: I have a ftp session running between 132.227.63.133 and 132.227.74.11
(no data transfer runnings, but I did a 'dir' in passive mode).

List of active MAP/Redirect filters:
map ex0 132.227.63.0/24  -> 132.227.78.1/32  proxy port ftp ftp/tcp
map ex0 132.227.103.0/24  -> 132.227.78.1/32  proxy port ftp ftp/tcp

List of active sessions:
MAP 132.227.63.133  65227 <- -> 132.227.78.1    65227 [132.227.74.11 57149]
MAP 132.227.63.133  65228 <- -> 132.227.78.1    65228 [132.227.74.11 21]
	proxy ftp/6 use 2 flags 0
		proto 6 flags 0 bytes 4674 pkts 30 data 0x0 psiz 0

--
Manuel Bouyer, LIP6, Universite Paris VI.           Manuel.Bouyer@lip6.fr
--