This is a discussion on "Difference between these two scripts??? FTP Problems" within the IPFilter forums, part of the System Security and Security Related category.
I am using FreeBSD 4.10 p5, running ipfilter in the kernel. But I have this question: what is the difference between these two scripts?

******** before cool ********
/etc/ip.rules
pass out quick on tun0 proto tcp from any to any flags S keep state
pass out quick on tun0 proto udp from any to any keep state
pass out quick on tun0 proto icmp from any to any keep state

**** my private NIC is ed0 and it can walk free ****

/etc/ipnat.rules
map tun0 192.168.1.0/24 -> 0/32
******** before cool ********

******** new problems FTP ********
And the new

/etc/ipf.rules
pass out quick on tun0 proto tcp from any to any port = 21 flags S keep state
pass out quick on tun0 proto tcp from any to any port = 80 flags S keep state

**** my private NIC is ed0 and it can walk free ****

/etc/ipnat.rules
map tun0 192.168.1.0/24 -> 0/32 proxy port 21 ftp/tcp
map tun0 192.168.1.0/24 -> 0/32 portmap tcp/udp 20000:60000
map tun0 192.168.1.0/24 -> 0/32
******** new problems FTP ********

I ask this because with the first one, none of my clients (Win XP, Win98, Win2k, FreeBSD) was having problems accessing any service: FTP, web, HTTPS, etc.

But when I changed my rules to be more defined, if they want to access, for example, the FreeBSD server, the server says:

ftp> ls
Entering passive mode
ftp: connect no route to host

OK, I read that this is a protocol design problem, but what is the difference between these two scripts??? Why does the first one not have any problems and the second one gives these problems???

Any information will be appreciated.

Thanks in advance.

NOTE: Someone gave a tip: he says to resolve this problem, just add a new rule in /etc/ipnat

map tun0 192.168.1.0/24 -> (ftp.server.ip)/32 proxy port 21 ftp/tcp
map tun0 192.168.1.0/24 -> 0/32 proxy port 21 ftp/tcp
map tun0 192.168.1.0/24 -> 0/32 portmap tcp/udp 20000:60000
map tun0 192.168.1.0/24 -> 0/32
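An added example, not part of the original post: a small Python model of the two posted `pass out ... proto tcp` rule sets, checking the passive-mode data connection that follows a `227` reply against each. Assumptions: outbound traffic that matches no pass rule is dropped by a block rule the post does not show, the data connection is evaluated as a fresh outbound SYN, and the 227 reply below is constructed sample data.

```python
import re

# Destination-port matches of the posted "pass out quick on tun0 proto tcp
# ... flags S keep state" lines. None stands for "from any to any" (no port match).
FIRST_RULES = [None]       # first script: any destination port
SECOND_RULES = [21, 80]    # second script: port = 21, port = 80

def pasv_endpoint(reply):
    """Parse an RFC 959 '227 Entering Passive Mode (h1,h2,h3,h4,p1,p2)' reply."""
    m = re.search(r"\((\d+),(\d+),(\d+),(\d+),(\d+),(\d+)\)", reply)
    if not reply.startswith("227") or not m:
        raise ValueError("not a 227 passive-mode reply")
    n = [int(x) for x in m.groups()]
    if any(x > 255 for x in n):
        raise ValueError("octet out of range")
    # The data port is sent as two bytes: high byte first.
    return ".".join(map(str, n[:4])), n[4] * 256 + n[5]

def passes_out(rules, dst_port):
    """True if an outbound TCP SYN to dst_port matches one of the pass rules.
    Assumption: anything unmatched is dropped by a block rule not shown in the post."""
    return any(r is None or r == dst_port for r in rules)

def ftp_session(rules, reply):
    """Return (control_ok, data_ok, data_port) for one passive-mode listing."""
    _, port = pasv_endpoint(reply)
    return passes_out(rules, 21), passes_out(rules, port), port

# Constructed sample reply (documentation address, not taken from the post).
SAMPLE_227 = "227 Entering Passive Mode (192,0,2,10,195,80)"

if __name__ == "__main__":
    for name, rules in (("first", FIRST_RULES), ("second", SECOND_RULES)):
        ctrl, data, port = ftp_session(rules, SAMPLE_227)
        print(f"{name} script: control(21)={ctrl} data({port})={data}")
```

Under these assumptions the control connection to port 21 passes in both scripts, while the data connection to the server-chosen high port only matches the first script's `from any to any` rule.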