Subject: Re: ipnat ftp proxy fix yet? (ever?)
To: Manuel Bouyer <>
From: Sean Davis <>
List: tech-net
Date: 10/28/2004 15:47:29
On Thu, 28 Oct 2004 16:27:21 +0200, Manuel Bouyer
<> wrote:
> On Thu, Oct 28, 2004 at 07:52:24AM -0400, Sean Davis wrote:
> > > Because a lot of things have changed between ipf3 and 4, and the diff is not
> > > exploitable ?
> >
> > I think you are deliberately missing my point. FTP proxy in ipf3
> > worked. FTP proxy in ipf4 does not, at least not on sparc/sparc64.
> > Surely fixing the problems in ipf3 didn't require breaking the
> > functionality? After all, it still works on i386.
> I think you're missing mine. ipf4 has great improvements over ipf3, so going
> back to ipf3 isn't an option. You say "it worked in ipf3 so looking at the
> changes between 3 and 4 it should be possible to see where it's broken".
> The problem is that the changes between 3 and 4 are so large that spotting the
> change that cause the problem isn't obvious.

How many times do I have to say that I wasn't suggesting going back to
IPF3? what I was saying was that if Darren knew how to do it in ipf3,
he knows how to do it in ipf4. The basic logic of how the ftp proxy
works can't be *THAT* different. There are only so many ways to skin
this particular cat.