bugzilla-daemon@netfilter.org
2003-Feb-06 18:47 UTC
[Bug 44] ip_conntrak_ftp / ip_nat_ftp enhancements
https://bugzilla.netfilter.org/cgi-bin/bugzilla/show_bug.cgi?id=44
laforge@netfilter.org changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |RESOLVED
Resolution| |WONTFIX
------- Additional Comments From laforge@netfilter.org 2003-02-06 19:47 -------
This 'bug' has been discussed at least two or maybe even three years ago
on the
netfilter mailinglist(s). It is not possible to change the current behaviour
(expect data connection to come from same IP as control connection) without
introducing major security risks.
I'm not going to recite the whole explanation of how + why here. Please try
to
read find the answers in the list archives or if you still have questions, ask
them at netfilter-devel@lists.netfilter.org.
------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.
Seemingly Similar Threads
- [Bug 44] New: ip_conntrak_ftp / ip_nat_ftp enhancements
- [Bug 441] Feature Request; Resolve Domains/Hostnames
- [Bug 45] Feature: only count packets that get matched in a chain
- [Bug 82] iptables doesn't compile if no optimization flags are set
- [Bug 32] ip_conntrack seems to track everything which can be very slow on HTTP
Wisdom of the Ancients
