[c-nsp] ftp fixup on firewall service module

Mishka, Jason Jason.Mishka at UToledo.Edu
Wed May 5 09:29:12 EDT 2010


A you ftping on the default port, 21?  If not, it won't work (unless you
specify otherwise, I believe).  The inspection engine needs to see the
data channel port negotiation.

There was also a ftp related bug prior to 3.1(10) for session
termination but this doesn't sounds like it.  Bug check out CSCsi27512
just in case.

Jason



-----Original Message-----
From: cisco-nsp-bounces at puck.nether.net
[mailto:cisco-nsp-bounces at puck.nether.net] On Behalf Of Arne Larsen /
Region Nordjylland
Sent: Wednesday, May 05, 2010 6:04 AM
To: 'cisco-nsp at puck.nether.net'
Subject: [c-nsp] ftp fixup on firewall service module

Hi all.

I'm having some problems with a client connecting to a ftp server.
The client uses passive mode, shouldn't the fixup in the service module
take care of the data channel.
I can se anything being dropped in firewall, but then again I don't s
really se any traffic on the data channel.

/Arne
_______________________________________________
cisco-nsp mailing list  cisco-nsp at puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/



More information about the cisco-nsp mailing list