Very cool thank you. I always wondered what that was for :)
Bret
"Mikkel L. Ellertson" wrote:
>
> At 03:41 PM 4/3/00 +0100, you wrote:
> >Hi folks,
> >
> >I'm looking for some info with regard to ncftp and firewall. What happened
> >was this: If for example I tried to connect to ftp.heanet.ie with ncftp, I
> >get an error message "no route to host" and my firewall log showed this:
> >
> >Mar 28 22:40:21 magrat kernel: IP fw-out rej ppp0 TCP MY_DYNAMIC_IP:61003
> 193.1.219.117:0 L=44 S=0x00 I=2648 F=0x0000 T=63
> >
> >If, however, use the ordinary "ftp ftp.heanet.ie", the connection works
> >fine. Also, if I set ncftp to "Passive FTP only", it seems to work.
> >
> >Hence, I'm looking for someone to shed some light on this or maybe give me a
> >pointer to more information, e.g. what's port 0 anyway - /etc/services
> >doesn't list it? The rule that blocks those packets claims to block
> >SUN RPC packets:
> >
> > ipfwadm -O -a reject -o -P tcp -W $EXTERNES_INTERFACE \
> > -S $IPADDR \
> > -D $ANYWHERE 0 87 111 512 513 514 515 540
> >
> >($EXTERNES_INTERFACE is "ppp0" - I've got most of the rules for my firewall
> >from a German Firewall "HOWTO" - very helpful. I wonder what Babelfish would
> >do to it... ;-) )
> >
> >Any ideas?
> >
> >Thanks in advance,
> >
> >Thomas
> >
> Try loading the ip_masq_ftp.o module. It takes care of the return
> connection of an active FTP connection.
>
> modprobe ip_masq_ftp
>
> Mikkel
>
> --
> Do not meddle in the affairs of dragons,
> for you are crunchy and taste good with ketchup.
>
> --
> To unsubscribe: mail [EMAIL PROTECTED] with "unsubscribe"
> as the Subject.
--
To unsubscribe: mail [EMAIL PROTECTED] with "unsubscribe"
as the Subject.
