[ previous ] [ next ] [ threads ]
 
 From:  "uffe" <uffe at northpole dot se>
 To:  <m0n0wall at lists dot m0n0 dot ch>
 Subject:  Registration from ftp in FW log - means what?
 Date:  Fri, 6 Aug 2004 23:46:44 +0200 
Hi,

Using an ordinary ftp client like FileZilla in passive mode behind Monowall 1.0 gives no
registration in the FW log (sis1- WAN Interface) when I use the rule (TCP, LAN net, * ,
195.47.xxx.yy, 21) for LAN interface.  Everything as expected. But I have noticed when use the ftp
task  for DTS package in sql2000 server the following registration appear in the log:

<132>Aug  6 22:48:34 ipmon[64]: 22:48:33.789671 sis1 @0:17 b 195.47.xxx.yy,21 ->
213.112.zzz..61,1818 PR tcp len 20 40 -AF IN 

The remote ftp server is sending back some packages that is blocked by the FW. Could anyone help
interpret and tell me what's going on? I'm new to this but  trying to learn. So far I have Monowall
1.0 up running on net4501 by help from the mail lists. So thanks all!

regards
uffe