From owner-freebsd-questions Sun Dec 23 12:13:56 2001 Delivered-To: freebsd-questions@freebsd.org Received: from relay.pair.com (relay1.pair.com [209.68.1.20]) by hub.freebsd.org (Postfix) with SMTP id 3055F37B416 for ; Sun, 23 Dec 2001 12:13:52 -0800 (PST) Received: (qmail 7285 invoked from network); 23 Dec 2001 20:13:51 -0000 Received: from softdnserror (HELO mail.bacxs.com) (67.8.24.120) by relay1.pair.com with SMTP; 23 Dec 2001 20:13:51 -0000 X-pair-Authenticated: 67.8.24.120 Received: from massive.bacxs.com by mail.bacxs.com with SMTP (MDaemon.PRO.v5.0.0d.R) for ; Sun, 23 Dec 2001 15:12:14 -0500 Message-Id: <5.1.0.14.0.20011223150855.026bc6d8@127.0.0.1> X-Sender: mwoodson@127.0.0.1 X-Mailer: QUALCOMM Windows Eudora Version 5.1 Date: Sun, 23 Dec 2001 15:12:13 -0500 To: johann@broadpark.no From: Mark Woodson Subject: Re: your mail Cc: freebsd-questions@freebsd.org In-Reply-To: <1009117155.3c25e7e3c0a5c@mail.broadpark.no> References: <20011223080849.C227@twincat.vladsempire.net> <1009114372.3c25dd041de76@mail.broadpark.no> <20011223080849.C227@twincat.vladsempire.net> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii" X-Return-Path: mwoodson@bacxs.com X-MDaemon-Deliver-To: freebsd-questions@freebsd.org Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG At 03:19 PM 12/23/2001 +0100, you wrote: >Well, my problems are getting passive mode on my FTPD (virtual server, port 2001, whereas passive mode on my main server, port 21, seems to work) and DCC in my IRC client to work. For instance, when I wanted SSH and my system accounts FTPD to work, I had to add an NAT entry for port 22 and port 21 in a telnet session between my machine and my ADSL router; > >set nat entry add 10.0.0.2 20-22 0.0.0.0 20-22 tcp > >This also has to be done for daemons like identd, BIND etc. >However, when it comes to redirecting the ports for passive and DCC, I'm stuck. I'm not the one running NATD, it's my ISP. I have one static IP, and that's it. Well... Both passive ftp and dcc use random high ports on both ends. Passive ftp works great from the client side through a firewall but is a rather large pain on the server end behind a nat/firewall. Basically you have to redirect _all_ tcp ports over 1023 to your machine. Active ftp is easier because it uses port 20 (ftp-data). -Mark To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message