Subject: Re: sys/netinet/ip_ftp_pxy.c:ippr_ftp_insecure
To: Darren Reed <darrenr@reed.wattle.id.au>
From: Jun-ichiro itojun Hagino <itojun@iijlab.net>
List: tech-net
Date: 02/03/2001 00:28:58
>> what is the meaning of ippr_ftp_insecure in ip_ftp_pxy.c?
>> it looks that, depending on the variable, the ftp proxy module
>> changes behavior against PORT command rewriting.
>> the variable name makes me wonder what is it, and who/from whom
>> does it try to protect what.
>It forces a login to the ftp server so you just can't start issuing
>PORT commands to scan ports.
so the behavior protects nodes outside of the private address cloud,
from port scans by people behind the NAT box. thanks.
itojun