Date: Thu, 17 Apr 2008 17:57:39 +0800 From: Julius Huang <juliushuang@gmail.com> To: Manolis Kiagias <sonicy@otenet.gr> Cc: Gilles <gilles.ganault@free.fr>, freebsd-questions@freebsd.org Subject: Re: FTP server behind firewall? Message-ID: <B969D2F3-0BCD-488B-8A17-FF9DCB06DB72@gmail.com> In-Reply-To: <4806D928.1070500@otenet.gr> References: <hq9d04lrm3bocphdo0msfnh5pnfved0ar2@4ax.com> <4806B0A0.7000902@radel.com> <uidd04l3l76f1gd2bt1f9eq2gcojuctcgp@4ax.com> <4806D928.1070500@otenet.gr>
next in thread | previous in thread | raw e-mail | index | archive | help
On Apr 17, 2008, at 12:59 , Manolis Kiagias wrote: > Gilles wrote: >> On Wed, 16 Apr 2008 22:06:24 -0400, Jon Radel <jon@radel.com> wrote: >> >>> What control do you have over the firewall? One of the cleaner >>> solutions would be to run an ftp proxy on the firewall, such as that >>> supplied with pf. See ftp-proxy(8) or >>> http://www.openbsd.org/faq/pf/ftp.html >>> >> >> Unfortunately, the router/NAT firewall can be neither replaced nor >> tweaked, since it's a modem/router provided by our ISP. >> >> Actually, we don't necessarily need an FTP. Whatever solution to send >> files is fine, provided I can add this feature in a VB Classic client >> application. >> Hi, May be you can consider using sshd + sftp on Server. (Single Port for just about everything, see below) PSCP or PSFTP (from same as PuTTY) allow send / receive file via command line, eg. you can issue "exec" from VB to send files. "pscp [options] source [source...] [user@]host:target" (PSFTP is prefer over PSCP, but PSCP is simple) http://www.putty.nl/download.html Also, bind sshd on high port will prevent too many port scan and the connection is consider to be more secure than ftp. IMHO, sftp is more easily managed than ftp in the long run (Both Server and Client). ps. I also use ssh to forward 3389, the M$ Terminal Server (even XP has one), no need for PC ANYWHERE. If you need to solve problem remotely, you don't need to open another port (PC ANYWHERE needs 2). J. >> >> > Running an FTP behind a home DSL router is perfectly possible. You > will just have to open a range of ports on the router itself eg > 25000-25050 and forward them to your ftp server internal IP > address. Then set the FTP server to only use these ports for > passive transfers. > > For example, I am using ftp/proftpd and have this directive in the > configuration file: > > PassivePorts 25000-25050 > > You will, of course, need to forward port 21 as well. > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "freebsd-questions- > unsubscribe@freebsd.org"
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?B969D2F3-0BCD-488B-8A17-FF9DCB06DB72>