hardenedbsd/HardenedBSD
1
0
Fork 0
mirror of https://git.hardenedbsd.org/hardenedbsd/HardenedBSD.git synced 2024-11-24 09:13:37 +01:00
Code Issues Actions Packages Projects Releases Wiki Activity

When servicing an internal FTP server, punch ipfirewall(4) holes

Browse Source 
for passive mode data connections (PASV/EPSV -> 227/229).  Well,
the actual punching happens a bit later, when the aliasing link
becomes fully specified.

Prodded by:	Danny Carroll <dannycarroll@hotmail.com>
MFC after:	1 week
This commit is contained in:
Ruslan Ermilov 2001-11-27 10:50:23 +00:00
parent 19cb87ad5a
commit 8573e68110
Notes: svn2git 2020-12-20 02:59:44 +00:00 
svn path=/head/; revision=86953
2 changed files with 4 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
lib/libalias/alias_ftp.c
View File

@ -483,11 +483,8 @@ NewFtpMessage(struct ip *pip,
struct tcphdr *tc;
#ifndef NO_FW_PUNCH
if (ftp_message_type == FTP_PORT_COMMAND ||
ftp_message_type == FTP_EPRT_COMMAND) {
/* Punch hole in firewall */
PunchFWHole(ftp_link);
}
/* Punch hole in firewall */
PunchFWHole(ftp_link);
#endif
/* Calculate data length of TCP packet */

7
sys/netinet/libalias/alias_ftp.c
View File

@ -483,11 +483,8 @@ NewFtpMessage(struct ip *pip,
struct tcphdr *tc;
#ifndef NO_FW_PUNCH
if (ftp_message_type == FTP_PORT_COMMAND ||
ftp_message_type == FTP_EPRT_COMMAND) {
/* Punch hole in firewall */
PunchFWHole(ftp_link);
}
/* Punch hole in firewall */
PunchFWHole(ftp_link);
#endif
/* Calculate data length of TCP packet */