Re: ipfilter(4) needs maintainer
On Mon, Apr 15, 2013 at 02:50:23PM +0400, Lev Serebryakov wrote:
> KP> I'm however talking about an ftp client behind a very restrictive
> KP> firewall making an IPv6 connection an ftp server that uses passive
> KP> mode data ports that can't be known in advance.
> Same solution -- inspection of connections to 21 port, without any
> address translation. And if FTP server uses non-standard control
> port, yes, here is a problem, but it cannot be solved with NAT too
> (or your NAT/firewall should expect each and every connection for FTP
> commands, which is heavy and error-prone task).
Not heavy.
But error-prone, yes.
_______________________________________________
freebsd-current@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-current
To unsubscribe, send any mail to "freebsd-current-unsubscribe@freebsd.org"
討論串 (同標題文章)
完整討論串 (本文為第 47 之 74 篇):