Re: FTP through NATD?
by Jason on Sunday June 09, @10:05AM
Okay I believe I have solved this. The firewall rules that I provided in the previous post seem fine for both passive and active ftp. Here are those rules again:
$fwcmd add pass log tcp from any 1024-65535 to any 49152-65535
$fwcmd add pass log tcp from any to any 21 in recv ${oif} setup keep-state
I was having a problem with active ftp, only because the site I was using to launch my ftp client software would only allow passive outbound ftp connections. Using active ftp was blocked on the client side and had nothing to do with my server test.
So now it comes down to a nat'd connection:
I added the following line to my /etc/rc.conf
# NATD
natd_enable="YES"
natd_interface="xl0" # my outside interface
natd_flags="-f /usr/local/etc/natd.conf"
I created the file /usr/local/etc/natd.conf with the following rules:
redirect_port tcp 192.168.1.10:21 21
redirect_port tcp 192.168.1.10:20 20
The rfc1918 address 192.168.1.10 is the address of the machine running ftpd behind my firewall on my private network.
After these changes I ftp'd some files multiple times and all went well.
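
The following added example, which is not part of the post above, lints the two ipfw rules quoted in it: it reports how many destination ports each rule covers and which scoping options (interface, direction, keep-state) an allow rule lacks. The function names and the choice of checks are assumptions of this example, not an ipfw or FreeBSD tool.

```python
# Added example: the two rule strings are copied from the post above;
# the checks and function names are this example's own.
RULES = [
    "$fwcmd add pass log tcp from any 1024-65535 to any 49152-65535",
    "$fwcmd add pass log tcp from any to any 21 in recv ${oif} setup keep-state",
]
ALLOW = {"allow", "accept", "pass", "permit"}  # ipfw synonyms for the allow action
IFACE = {"recv", "xmit", "via"}                # options that tie a rule to an interface


def parse_rule(line):
    """Split an 'ipfw add' line into action, destination ports and trailing options."""
    tok = line.split()
    tok = tok[tok.index("add") + 1:]           # drop the "$fwcmd add" prefix
    if tok[0].isdigit():                       # optional explicit rule number
        tok = tok[1:]
    end = tok.index("to") + 2                  # index just past the destination address
    ports = ""
    if end < len(tok) and tok[end][0].isdigit():
        ports, end = tok[end], end + 1         # destination port list or range
    return {"action": tok[0], "dst_ports": ports, "opts": set(tok[end:])}


def dst_port_count(line):
    """Number of destination ports the rule covers (0 means no port restriction)."""
    total = 0
    for part in filter(None, parse_rule(line)["dst_ports"].split(",")):
        lo, _, hi = part.partition("-")
        total += int(hi or lo) - int(lo) + 1
    return total


def lint(line):
    """Return the scoping options an allow rule is missing."""
    rule = parse_rule(line)
    if rule["action"] not in ALLOW:
        return []
    missing = []
    if not rule["opts"] & IFACE:
        missing.append("interface")
    if not rule["opts"] & {"in", "out"}:
        missing.append("direction")
    if "keep-state" not in rule["opts"]:
        missing.append("keep-state")
    return missing


if __name__ == "__main__":
    for r in RULES:
        print(dst_port_count(r), "dst port(s); missing:", lint(r) or "nothing", "|", r)
```
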