From owner-freebsd-questions@FreeBSD.ORG  Sun Feb  5 12:32:36 2006
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
X-Original-To: questions@freebsd.org
Delivered-To: freebsd-questions@FreeBSD.ORG
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 4E8CE16A422
	for <questions@freebsd.org>; Sun,  5 Feb 2006 12:32:36 +0000 (GMT)
	(envelope-from anonymous@forea.ch)
Received: from tinker.apex13.com (tinker.apex13.com [69.72.250.186])
	by mx1.FreeBSD.org (Postfix) with ESMTP id EE6CB43D45
	for <questions@freebsd.org>; Sun,  5 Feb 2006 12:32:35 +0000 (GMT)
	(envelope-from anonymous@forea.ch)
Received: from localhost (localhost.apex13.com [127.0.0.1])
	by tinker.apex13.com (Postfix) with ESMTP id 4B8C239B36;
	Sun,  5 Feb 2006 07:32:34 -0500 (EST)
Received: from tinker.apex13.com ([127.0.0.1])
	by localhost (tinker.apex13.com [127.0.0.1]) (amavisd-new, port 10024)
	with ESMTP id 21291-07; Sun,  5 Feb 2006 07:32:33 -0500 (EST)
Received: from [192.168.0.106] (ip68-8-151-137.sd.sd.cox.net [68.8.151.137])
	by tinker.apex13.com (Postfix) with ESMTP id BEED139A34;
	Sun,  5 Feb 2006 07:32:32 -0500 (EST)
Message-ID: <43E5F019.7030107@forea.ch>
Date: Sun, 05 Feb 2006 04:31:21 -0800
From: a non y mouse <anonymous@forea.ch>
User-Agent: Mozilla Thunderbird 1.0.7 (Windows/20050923)
X-Accept-Language: en-us, en
MIME-Version: 1.0
To: Kristian Vaaf <vaaf@broadpark.no>
References: <fe7898d567d7.43e4c0f5@broadpark.no>	<MIEPLLIBMLEEABPDBIEGAEKPHMAA.fbsd_user@a1poweruser.com>
	<7.0.1.0.2.20060205124408.02105e30@broadpark.no>
In-Reply-To: <7.0.1.0.2.20060205124408.02105e30@broadpark.no>
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
X-Virus-Scanned: by amavisd-new-2.3.3 (20050822) (FreeBSD) at localhost
Cc: questions@freebsd.org
Subject: Re: ftpd: Passive mode isn't working
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sun, 05 Feb 2006 12:32:36 -0000

Kristian Vaaf wrote:

> ftp is working.
> Active mode works, passive mode doesn't.

i just scanned over your ruleset...so forgive me if i am way off base

with that said, are you using the freebsd ftpd? did you change the
portrange.hifirst and .hilast sysctl values? because it would appear to
me that unless you have done so, you are not allowing all ports which
will be used by ftpd in passive mode:

tinker% sysctl -a | grep portrange.hi
net.inet.ip.portrange.hifirst: 49152
net.inet.ip.portrange.hilast: 65535