Re: [Masq] add ports to ip_masq_ftp on the fly?

Fri, 15 Sep 2000 15:50:39 -0700 

/* HINT: Search archives @ http://www.indyramp.com/masq/ before posting! 
/* ALSO: Don't quote this header. It makes you look lame :-) */


On Thu, 14 Sep 2000 21:40:35 -0700, you wrote:

>/* HINT: Search archives @ http://www.indyramp.com/masq/ before posting! 
>/* ALSO: Don't quote this header. It makes you look lame :-) */
>
>
> >Hello,  I just recently got internally masq'd ftp pasv mode to work
> >with Neil Toronto's patch.  Everything seems to work great.  One
> >little inconvenience though:  If I have several people logged into my
> >windows ftp site, and go to login to someone else's ftp site that is
> >for example on port 9999 or something,
>
>Stop using non-standard ports.  Using non-standard ports
>doesn't get you any additional security.'

I know that, you know that, but the people who run windows ftp sites
don't know that.  My ftp site is on standard 21, so people usually
don't have a problem getting into it, even behind windows firewalls
that require pasv mode thanks to the modified ip_masq_ftp.

Linux is famous (I think) for getting around problems like this, when
people do things strange.  It is also famous for providing the most
features, most flexibility and the most efficient code ever.  My
gateway/masq machine is a 486 sx 33 with 12 megs of ram, and no l2
cache, so it runs like a 386.  5 hour kernel compiles, and is still
basically limited to networks speed.


>
>
> >Is there
> >anyway to tell ip_masq_ftp to listen on additional ports without
> >unloading it?
>
>Nope though that would be cool if the module could be rewriten
>to take some configuration from /proc.

That's what I'm asking, I would think it would be possible to modify
the module to take additional ports (on the fly, maybe via proc as you
suggested), but I have not idea how.  I am definitely NOT a C/kernel
programmer.  I'm just getting into perl for example, 5 line programs.

_______________________________________________
Masq maillist  -  [EMAIL PROTECTED]
Admin requests can be handled at http://www.indyramp.com/masq-list/ -- 
THIS INCLUDES UNSUBSCRIBING!
or email to [EMAIL PROTECTED]

PLEASE read the HOWTO and search the archives before posting.
You can start your search at http://www.indyramp.com/masq/
Please keep general linux/unix/pc/internet questions off the list.

Reply via email to