Date: Thu, 25 Jan 2001 18:54:41 +0200 From: Ertan Kucukoglu <ertank@ozlerplastik.com> To: freebsd-questions@FreeBSD.ORG Cc: Lowell Gilbert <lowell@world.std.com> Subject: Re: Firewall and ftp Message-ID: <3A705A51.9117A527@ozlerplastik.com> References: <3A702FC5.48771E4@ozlerplastik.com> <44wvbjsjby.fsf@lowellg.ne.mediaone.net>
next in thread | previous in thread | raw e-mail | index | archive | help
Lowell Gilbert wrote: > > ertank@ozlerplastik.com (Ertan Kucukoglu) writes: > > > I want to use ftp client and ftp server behind a firewall. > > > > I tried to open ports 20 and 21 but, couldn't manage to use it. People can > > connect, give their passwords, but when they try to ls or get some file or > > something that my machine should send data to them it hangs there. > > > > Which ports should be opened for proper ftp usage? > > > > I'm using ipfw, system is FreeBSD 4.2-STABLE. Internet NIC is called fxp1 on > > my machine. Also there is fxp0 for my LAN. ftp server is FreeBSD ftp server. > > If both the server and client are behind separate firewalls, you won't > be able to use FTP between them unless the firewall has special code > to snoop on FTP control traffic and open ports for the data > connections dynamically. I don't believe that ipfw or ipf do this. > An ftp proxy may help, but you would need to open holes for *that* > instead. No, only the server is behind firewall. > > Note that the FreeBSD ftp client will by default use ports in the > range 49152-65535. You could open up that whole range, and FTP would > work, but, well, you'd've opened up a very big hole in your firewall. I have very little information about ipfw. But, there should be a better way? > > If only the client is behind a firewall, then FTP should work fine if > you use passive mode. If only the server is behind a firewall, then > only active mode will work. > > Good luck. > Thank you to all. -- Ertan Kucukoglu ertank@ozlerplastik.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3A705A51.9117A527>