Subject: Re: sys/netinet/ip_ftp_pxy.c:ippr_ftp_insecure
To: Darren Reed <darrenr@reed.wattle.id.au>
From: Jun-ichiro itojun Hagino <itojun@iijlab.net>
List: tech-net
Date: 02/03/2001 00:28:58
>> 	what is the meaning of ippr_ftp_insecure in ip_ftp_pxy.c?
>> 	it looks that, depending on the variable, the ftp proxy module
>> 	changes behavior against PORT command rewriting.
>> 	the variable name makes me wonder what is it, and who/from whom
>> 	does it try to protect what.
>It forces a login to the ftp server so you just can't start issuing
>PORT commands to scan ports.

	so the behavior protects nodes outside of the private address cloud,
	from port scans by people behind the NAT box.  thanks.

itojun