> -----Original Message-----
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
> Sent: Wednesday, November 15, 2006 9:44 AM
> To: [email protected]
> Subject: FTP errors
>
> Upgraded my 3.9 install to 4.0 the other day, followed the
> 3.9-4.0 doc and it was smooth as could be. Upgraded all my
> packages using
>
> pkg_add -ui -F update -F updatedepends
>
> straight from the upgrade doc. Only found a couple, and
> installed those. That's when the fun started. Got an email
> from the firewall admin with this message from the firewall logs:
>
> Nov 14 13:49:05 2006 CST f_ftpproxy a_server t_attack p_major
> pid: 1309 ruid: 0 euid: 0 pgid: 1309 fid: 0 logid: 0 cmd: 'pftp'
> domain: PFTx edomain: PFTx hostname: fw.somename.net
> category: appdef_violation event: denied ftp command
> netsessid: 455a1db10002ec59 srcip: 192.168.55.125 srcport: 15910
> dst_local_port: 21 srcburb: internal protocol: 6
> src_local_port: 44510
> dstip: 209.242.32.10 dstport: 21 dstburb: external
> attackip: 192.168.55.125 attackburb: internal acl_id: ftp_ext_out
> reason: Denied FTP command: EPSV. Data is being dropped.
>
> So 2 questions. First, can I shut off EPSV and use PASV instead for
> pkg_add? Doesn't look like our firewalls will support us turning on
> allowing EPSV. I looked through the man pages and didn't
> find anything.
>
I posted a patch for a new environment variable that can disable EPSV.
http://marc.theaimsgroup.com/?l=openbsd-tech&m=116320774706943&w=2

Also, you may be able to use the FETCH_CMD variable from the pkg_add man
page and change it to something like '/usr/bin/ftp -E', although I
haven't tried that.
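
Added example, not part of either message: a small Python parser for the audit record quoted above that tallies which internal hosts are having FTP commands denied by the proxy. The field list is taken from that record; the second sample record is constructed for illustration.

```python
import re
from collections import Counter

# Field names as they appear in the audit record quoted in the message.
FIELDS = ("pid ruid euid pgid fid logid cmd domain edomain hostname category "
          "event netsessid srcip srcport dst_local_port srcburb protocol "
          "src_local_port dstip dstport dstburb attackip attackburb acl_id "
          "reason").split()
KEY_RE = re.compile(r"(?<!\S)(" + "|".join(FIELDS) + r"):\s")
DENIED_RE = re.compile(r"Denied FTP command: (\w+)")


def parse_record(line):
    # Values may contain spaces and colons ("reason: Denied FTP command: ..."),
    # so a value runs until the next known field name, not the next colon.
    hits = list(KEY_RE.finditer(line))
    rec = {"header": line[:hits[0].start()].strip() if hits else line.strip()}
    for cur, nxt in zip(hits, hits[1:] + [None]):
        end = nxt.start() if nxt else len(line)
        rec[cur.group(1)] = line[cur.end():end].strip().strip("'")
    return rec


def denied_ftp_commands(lines):
    """Count (source IP, denied command) pairs across proxy denials."""
    counts = Counter()
    for line in lines:
        rec = parse_record(line)
        m = DENIED_RE.search(rec.get("reason", ""))
        if rec.get("event") == "denied ftp command" and m:
            counts[(rec.get("srcip", "?"), m.group(1))] += 1
    return counts


# First record: from the message, re-joined onto one line. Second: constructed.
SAMPLE = [
    "Nov 14 13:49:05 2006 CST f_ftpproxy a_server t_attack p_major "
    "pid: 1309 ruid: 0 euid: 0 pgid: 1309 fid: 0 logid: 0 cmd: 'pftp' "
    "domain: PFTx edomain: PFTx hostname: fw.somename.net "
    "category: appdef_violation event: denied ftp command "
    "netsessid: 455a1db10002ec59 srcip: 192.168.55.125 srcport: 15910 "
    "dst_local_port: 21 srcburb: internal protocol: 6 src_local_port: 44510 "
    "dstip: 209.242.32.10 dstport: 21 dstburb: external "
    "attackip: 192.168.55.125 attackburb: internal acl_id: ftp_ext_out "
    "reason: Denied FTP command: EPSV. Data is being dropped.",
    "Nov 14 13:52:40 2006 CST f_ftpproxy a_server t_attack p_major "
    "event: denied ftp command srcip: 192.168.55.126 dstport: 21 "
    "reason: Denied FTP command: EPRT. Data is being dropped.",
]
```

Calling `denied_ftp_commands(SAMPLE)` returns a counter keyed by source address and command, which shows at a glance which clients still need to be switched to PASV.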

