[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: pf and ftp

On Mon, 21 Mar 2005, Peter Fraser wrote:
> A while a go I had trouble if ftp-proxy and windows ftp clients.
> The windows clients were checking to see if the ftp responses were
> actually coming from the ip address they expected, and they were
> not, and as a result the ftp client would object and the session
> would end.
> It was suggest that I try 
> pftpx by Camiel Dobbelaar [[email protected]]
> I did, and it has been working very well for my for about 6 weeks.
Thank you!
Let me seize this opportunity to plug a new version, which I would 
appreciate if people could test it.
- fix a critical bug where pftpx might crash on prematurely aborted 
- use pf rollback where appropriate.  It also tries commits twice when pf 
  is busy.
- rewrite source and destination ports so they are random.  This minimizes 
  port collisions (which are already pretty rare) and adds security (some 
  systems pick weak ports).
- sourceport can fixed to port 20 for _really_ antique clients