Re: ws_ftp pro 6.51 exposes internal IP addresses

[Crawling KingSnake <kingsnake () MINISTER COM>]

Well it is a possibiltiy.  I am not a newbie but I am not a seasoned veteran
on unix systems.  I have set up ipfilter on other OS's like freebsd and have
not seen this, but I did not try ws_ftp until after I set up Open BSD.  The
ipf rules are pretty simple and I have some filtering of short pakets and
others specified.  I'd like to know how to definitely track this down then
to whether it is a ws_ftp issue or my ipfilter's set up.  I'd like to think
it isn't ipfilter just because other ftp clients do not exhibit this
behavior.

Crawling King Snake

------

maybe I was reading things wrong but...
Are you sure that's a ws_ftp issue and not a filtering issue?
the ip_masq_ftp equiv under openbsd needs to be dynamically interchanging
internal ip addresses to the firewall ip and waiting for the connection to
forward back to the internal ip address. Theoretically under a correct
setup a transparent proxy should be just that.. transparent...
regardless of client or direction of connection assuming the filtering
module in the bsd kernel is functioning correctly.
Maybe ws_ftp formats it's PASV request different compared to other clients
which is throwing off the firewall's filter?


______________________________________________
FREE Personalized Email at Mail.com
Sign up at http://www.mail.com/?sr=signup