[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Patch for gss ftp client to work through stateful firewalls



Sam,

The only commands send in clear are the PORT and PASV command and their
replies. This is a compromise to allow passing through a firewall.
All other commands are protected as before.

Markus

----- Original Message ----- 
From: "Markus Moeller" <markus_moeller@compuserve.com>
To: <heimdal-discuss@sics.se>
Sent: Friday, April 25, 2003 7:53 PM
Subject: Patch for gss ftp client to work through stateful firewalls


>
> I have a patch for the gss ftp client to work with my proftpd gss module
> http://sourceforge.net/projects/gssmod/ which switches to CCC mode just
> before sending the PORT/PASV/EPSV/EPRT command.
> This allows stateful firewalls like Checkpoint to inspect the traffic. You
> can download it from
> http://sourceforge.net/project/showfiles.php?group_id=70951.
>
> Any comments, suggestions are welcomed
>
> Regards
> Markus
>
>
>