Hi Everyone. We have a new upgrade for Norton AV for Mac OS X and itrequires ftp and port 80 access to be open via your firewall. Well,
we block port 80 outbound except from our proxy servers. Symantec
tells us we can get it to work without port 80, so they sent us a
program to edit out the http data from the liveupdate host file.

They told me there must be active and passive ftp access out to theirweb site. I am not using NAT, and I do allow pretty much any trafficout (other than the aforementioned port 80). I have a stateful rule
utilizing the ftp-port-pasv-st which I understand should handle active

and passive ftp.

You can guess, it doesn't work. I was wondering if anyone out there
can help me out with what I should try next? I'm not very
knowledgable about active and passive ftp. So, even rudimentary helpwould be welcomed.

Christopher L. Davis Network Projects Director
The Principia cld@prin.edu