[Bug 114] NAT on ftp with 2.4.21 does not forward FXP connections
bugzilla-daemon@netfilter.org
bugzilla-daemon@netfilter.org
Fri, 18 Jul 2003 09:51:12 +0200
https://bugzilla.netfilter.org/cgi-bin/bugzilla/show_bug.cgi?id=114
laforge@netfilter.org changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |RESOLVED
Resolution| |INVALID
------- Additional Comments From laforge@netfilter.org 2003-07-18 09:51 -------
This is not a bug. Even 2.4.20 should _NEVER_ been able to deal with FXP.
Enabling FXP with connection tracking would cause huge security holes. You
cannot safely use FXP with any stateful firewall.
I think this has been discussed already 2 or three years ago on the netfilter
mailinglists.
Enabling FXP would again raises issues like described in
http://www.netfilter.org/security/2001-04-16-ftp.html
------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.