thr3ads.net - netfilter buglog - [Bug 114] NAT on ftp with 2.4.21 does not forward FXP connections [Jul 2003]

If this information is useful, please help other people find it:
Share via:

bugzilla-daemon@netfilter.org

2003-Jul-18 07:51 UTC

[Bug 114] NAT on ftp with 2.4.21 does not forward FXP connections

https://bugzilla.netfilter.org/cgi-bin/bugzilla/show_bug.cgi?id=114

laforge@netfilter.org changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|NEW                         |RESOLVED
         Resolution|                            |INVALID



------- Additional Comments From laforge@netfilter.org  2003-07-18 09:51 -------
This is not a bug. Even 2.4.20 should _NEVER_ been able to deal with FXP.

Enabling FXP with connection tracking would cause huge security holes. You
cannot safely use FXP with any stateful firewall.

I think this has been discussed already 2 or three years ago on the netfilter
mailinglists. 

Enabling FXP would again raises issues like described in
http://www.netfilter.org/security/2001-04-16-ftp.html



------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.

netfilter buglog - Jul 2003 - [Bug 114] NAT on ftp with 2.4.21 does not forward FXP connections

[Bug 114] NAT on ftp with 2.4.21 does not forward FXP connections