But in passive FTP you don't have a FTP-DATA connection, do you? I think we were talking about the possibility to get rid of the module by allowing passive mode only.
Michael -- Dr. Michael Meskes, Projekt-Manager | topystem Systemhaus GmbH [EMAIL PROTECTED] | Europark A2, Adenauerstr. 20 [EMAIL PROTECTED] | 52146 Wuerselen Go SF49ers! Use Debian GNU/Linux! | Tel: (+49) 2405/4670-44 > ---------- > From: Bernd Eckenfels[SMTP:[EMAIL PROTECTED] > Sent: Freitag, 6. M�rz 1998 23:23 > To: Bernd Eckenfels > Subject: Re: Start up scripts > > Hello, > > > Where is the FTP-DATA module and why does it need to be refreshing > the > > Control connection....why doesn't the control connection refresh > > itself? > > I was talking about masqueraded connections (or statefull packet > filters). > Both tend to clear connections from the memory table after some amount > of > inactivity. If you transfer large files, then during the transfer over > the > data connection there is usually no data running accross the control > connection. Generally this means the Firewall will timeout the control > connection during the transfer. The FTP programm will barf at the end > of the > data transfer if it tries to go back to the control stream. This is > not a > problem for simple packet filters, but I'm not surer if a simple > packet > filter is state of the art for a good firewall. > > Greetings > Bernd > > -- > (OO) -- [EMAIL PROTECTED] -- > ( .. ) [EMAIL PROTECTED],linux.de,debian.org} > http://home.pages.de/~eckes/ > o--o *plush* 2048/93600EFD [EMAIL PROTECTED] +497257930613 BE5-RIPE > (O____O) If privacy is outlawed only Outlaws have privacy > > > -- > E-mail the word "unsubscribe" to > [EMAIL PROTECTED] > TO UNSUBSCRIBE FROM THIS MAILING LIST. Trouble? E-mail to > [EMAIL PROTECTED] . > -- E-mail the word "unsubscribe" to [EMAIL PROTECTED] TO UNSUBSCRIBE FROM THIS MAILING LIST. Trouble? E-mail to [EMAIL PROTECTED] .
