[prev in list] [next in list] [prev in thread] [next in thread]
List: ipfilter
Subject: Re: Not another IPF, FTP, and NAT question!@#$%
From: Barry Callahan <barryc () rjlsystems ! com>
Date: 2003-01-30 2:59:37
[Download RAW message or body]
ProFTPD also lets you masquerade as a different (nat'ed) address.
David S. wrote:
>>Sorry everyone, I know this has been beaten to death, but I still can't
>>get both passive and active ftp working with my FTP server behind a NAT
>>gateway.
>>
>>I tried what was suggested at this posting in the archives:
>>http://false.net/ipfilter/2001_07/0222.html
>>
>>This did not work for me. Only Active FTP is working, passive fails.
>>
>>Here is a snippet of a SmartFTP client log:
>>[snipped the beginning logon sequence]
>>...
>>200 Type set to A.
>> PASV
>>227 Entering Passive Mode (10,0,0,10,193,98)
>> Opening data connection IP: 10.0.0.10 PORT: 49506.
>> A connection attempt failed because the connected party did not
>>properly respond after a period of time, or established connection
>>failed because connected host has failed to respond.
>>
>>
>>I thought with my above rules that the client would get back the
>>external IP address, but instead it gets 10.0.0.10. Any ideas?
>
>
> Try another FTP server, like 'vsftpd' or 'pureftpd', that can be
> configured to return an IP address other than that of its host.
> You also probably need to open a high port range, and configure
> the FTP server to use that port range, for passive connections.
> Again, that's possible with 'vsftpd', 'pureftpd', and some others.
>
> David S.
>
>
>>
>>
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic