holm/shorewall_code
1
0
Fork 0
forked from extern/shorewall_code
Code Pull Requests Activity

Add FTP server warning

Browse Source 
git-svn-id: https://shorewall.svn.sourceforge.net/svnroot/shorewall/trunk@1846 fbd18981-670d-0410-9b5c-8dc0c1a9a2bb
This commit is contained in:
teastep 2004-12-21 19:00:03 +00:00
parent adaa0a8a44
commit 441b71a0a0
1 changed files with 9 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
Shorewall-docs2/FTP.xml
View File

@ -15,7 +15,7 @@
</author>
</authorgroup>
<pubdate>2004-05-19</pubdate>
<pubdate>2004-12-21</pubdate>
<copyright>
<year>2003</year>
@ -343,6 +343,14 @@ options ip_nat_ftp ports=21,49</programlisting>
<section id="Rules">
<title>Rules</title>
<warning>
<para>If you run an FTP server behind your firewall and your server
offers a method of specifying the external IP address of your firewall,
DON'T USE THAT FEATURE OF YOUR SERVER. Using that option will defeat the
purpose of the ftp helper modules and can result in a server that
doesn't work.</para>
</warning>
<para>If the policy from the source zone to the destination zone is ACCEPT
and you don't need DNAT (see <ulink url="FAQ.htm#faq30">FAQ 30</ulink>)
then <emphasis role="bold">you need no rule</emphasis>.</para>