tech-net archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

ipf "keep state" rules, tftpd and inetd

I ran into a strange problem (tftp not working) caused by the fact that, if 
tftpd is run via inetd, the reply to the original request packet originates 
from a different port than that the request was sent to. So my "keep state" 
rule in ipf.conf doesn't make the reply pass the filter rules.

I guess this is a standard problem, so what's the standard solution to it?

Is there a relaxed form of "keep state" where the sending port is allowed to 
differ from the receiving port and only the other end's port and the IP 
addresses need to match?

Home | Main Index | Thread Index | Old Index