[prev in list] [next in list] [prev in thread] [next in thread] 

List:       ipfilter
Subject:    WU-FTPD, passive mode, and IPFilter
From:       Sam Carleton <ehc () linux-info ! net>
Date:       2004-05-27 14:13:37
Message-ID: 20040527141337.GA12239 () miltonstreet ! com
[Download RAW message or body]

WU-FTPD is running behind the ipfilter firewall.  Normal ftp works,
passive ftp does not work.  What needs to be done to get passive ftp
working?  This is how things are configured:

WU-FTPD machine: 172.16.0.2

WU-FTPD has this in it's ftpaccess:

pasive ports 0.0.0.0/0 26000 31999

And the firewall has this in the ipf.conf:

pass in quick on iy0 proto tcp from any to 172.16.0.2/32 port 26000 >< 32000 flags S keep state

and this in the ipnat.conf:

map iy0 0/0 -> 0/32 proxy port ftp ftp/tcp
map iy0 172.16.0.1/24 -> 0/32 proxy port ftp ftp/tcp
map iy0 172.16.0.1/24 -> 0/32 portmap tcp/udp 20000:40000
map iy0 172.16.0.1/24 -> 0/32

rdr iy0 0/0 port 21  -> 172.16.0.2 port 21
rdr iy0 0/0 port 26000:31999 -> 172.16.0.2 port 26000:31999
[prev in list] [next in list] [prev in thread] [next in thread]