diff options
Diffstat (limited to 'libexec/ftpd/ftpd.8')
-rw-r--r-- | libexec/ftpd/ftpd.8 | 12 |
1 files changed, 10 insertions, 2 deletions
diff --git a/libexec/ftpd/ftpd.8 b/libexec/ftpd/ftpd.8 index c4a39ef11f6..616172747e7 100644 --- a/libexec/ftpd/ftpd.8 +++ b/libexec/ftpd/ftpd.8 @@ -1,4 +1,4 @@ -.\" $OpenBSD: ftpd.8,v 1.12 1997/05/01 14:45:36 deraadt Exp $ +.\" $OpenBSD: ftpd.8,v 1.13 1997/12/12 08:55:09 deraadt Exp $ .\" $NetBSD: ftpd.8,v 1.8 1996/01/14 20:55:23 thorpej Exp $ .\" .\" Copyright (c) 1985, 1988, 1991, 1993 @@ -43,7 +43,7 @@ Internet File Transfer Protocol server .Sh SYNOPSIS .Nm ftpd -.Op Fl dDhlMSU +.Op Fl dDhlMSUP .Op Fl T Ar maxtimeout .Op Fl t Ar timeout .Op Fl u Ar mask @@ -94,6 +94,14 @@ for anonymous transfers, a directory matching the fully qualified name of IP number the client connected to, and located inside .Pa ~ftp is used instead. +.It Fl P +Permit illegal port numbers or addresses for PORT command initiated connects. +By default +.Xr ftpd 8 +violates the RFC and thus constrains the PORT command to non-reserved ports +and requires it use the same source address as the connection came from. +This prevents the "FTP bounce attack" against services on both the local +machine and other local machines. .It Fl S With this option set, .Nm ftpd |