From owner-freebsd-questions Sun May 13 0: 6:37 2001 Delivered-To: freebsd-questions@freebsd.org Received: from mr200.netcologne.de (mr200.netcologne.de [194.8.194.109]) by hub.freebsd.org (Postfix) with ESMTP id 575E337B443 for ; Sun, 13 May 2001 00:06:33 -0700 (PDT) (envelope-from pherman@frenchfries.net) Received: from husten.security.at12.de (dial-213-168-96-30.netcologne.de [213.168.96.30]) by mr200.netcologne.de (Mirapoint) with ESMTP id AFK42072; Sun, 13 May 2001 09:06:30 +0200 (CEST) Received: from localhost (localhost.security.at12.de [127.0.0.1]) by husten.security.at12.de (8.11.3/8.11.3) with ESMTP id f4D76Fx07620; Sun, 13 May 2001 09:06:15 +0200 (CEST) (envelope-from pherman@frenchfries.net) Date: Sun, 13 May 2001 09:06:15 +0200 (CEST) From: Paul Herman To: Hervey Wilson Cc: Artem Koutchine , Subject: Re: Allow rules for ipfw for active ftp In-Reply-To: <011001c0db5f$0cd9f2c0$0101a8c0@chillipepper> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Sat, 12 May 2001, Hervey Wilson wrote: > Then I discovered that login.conf was setting > FTP_PASSIVE_MODE=YES. Removing this option so that the ftp client > on the firewall server used active connections made everything > work perfectly. Mostly yes, but this can be a problem if both sides have a firewall, which was why I needed to use punch_fw. The users needed to regularly FTP data from one customer who also was behind a firewall. Someone had to give. -Paul. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message