From owner-freebsd-questions@FreeBSD.ORG Thu Apr 17 09:57:45 2008 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 1C27A1065670 for ; Thu, 17 Apr 2008 09:57:45 +0000 (UTC) (envelope-from juliushuang@gmail.com) Received: from wf-out-1314.google.com (wf-out-1314.google.com [209.85.200.172]) by mx1.freebsd.org (Postfix) with ESMTP id DED778FC17 for ; Thu, 17 Apr 2008 09:57:44 +0000 (UTC) (envelope-from juliushuang@gmail.com) Received: by wf-out-1314.google.com with SMTP id 25so2774657wfa.7 for ; Thu, 17 Apr 2008 02:57:44 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:in-reply-to:references:mime-version:x-gpgmail-state:content-type:message-id:cc:content-transfer-encoding:from:subject:date:to:x-mailer; bh=F0NAocR+8R0TJmkWZ86nkVhSWj+29ktpOXGTdzGL7SQ=; b=Z8Ez6LfYTQNPa0vbEFP1z/pjMOy0Co0hytMPAsMQjeKR+8diAnlt7GI+r+X4VzSpJutxyjJOIzYWokl1Qks+IocV9KUVe9w1N1loDVWdwS/vwIhNb21Y/K/ryMaYw6k48PqKH/aEpAeP/l6RZHBF37f6G4bdsr05hiY4fhIZ7ec= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=in-reply-to:references:mime-version:x-gpgmail-state:content-type:message-id:cc:content-transfer-encoding:from:subject:date:to:x-mailer; b=ELnfOlx69G3268hPTfLCbMxPpSEbwte7Uj2TVAnK234tuCTLWuKbWw3SNa2nyw8LZETl2DpToo4hYkRuP62/tWtqrD6OQ4Vv+4myVNTFaq+4uoH/9jcDfdGvGbs3NhnMB3OwCYzY8XIXwT2PDWRoF0epzRuCjG1f+M6v3qz2sRg= Received: by 10.142.144.16 with SMTP id r16mr370371wfd.97.1208426263604; Thu, 17 Apr 2008 02:57:43 -0700 (PDT) Received: from ?59.124.104.176? ( [59.124.104.176]) by mx.google.com with ESMTPS id 30sm20103046wfd.19.2008.04.17.02.57.42 (version=SSLv3 cipher=OTHER); Thu, 17 Apr 2008 02:57:43 -0700 (PDT) In-Reply-To: <4806D928.1070500@otenet.gr> References: <4806B0A0.7000902@radel.com> <4806D928.1070500@otenet.gr> Mime-Version: 1.0 (Apple Message framework v753) X-Gpgmail-State: !signed Content-Type: text/plain; charset=US-ASCII; delsp=yes; format=flowed Message-Id: Content-Transfer-Encoding: 7bit From: Julius Huang Date: Thu, 17 Apr 2008 17:57:39 +0800 To: Manolis Kiagias X-Mailer: Apple Mail (2.753) Cc: Gilles , freebsd-questions@freebsd.org Subject: Re: FTP server behind firewall? X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 17 Apr 2008 09:57:45 -0000 On Apr 17, 2008, at 12:59 , Manolis Kiagias wrote: > Gilles wrote: >> On Wed, 16 Apr 2008 22:06:24 -0400, Jon Radel wrote: >> >>> What control do you have over the firewall? One of the cleaner >>> solutions would be to run an ftp proxy on the firewall, such as that >>> supplied with pf. See ftp-proxy(8) or >>> http://www.openbsd.org/faq/pf/ftp.html >>> >> >> Unfortunately, the router/NAT firewall can be neither replaced nor >> tweaked, since it's a modem/router provided by our ISP. >> >> Actually, we don't necessarily need an FTP. Whatever solution to send >> files is fine, provided I can add this feature in a VB Classic client >> application. >> Hi, May be you can consider using sshd + sftp on Server. (Single Port for just about everything, see below) PSCP or PSFTP (from same as PuTTY) allow send / receive file via command line, eg. you can issue "exec" from VB to send files. "pscp [options] source [source...] [user@]host:target" (PSFTP is prefer over PSCP, but PSCP is simple) http://www.putty.nl/download.html Also, bind sshd on high port will prevent too many port scan and the connection is consider to be more secure than ftp. IMHO, sftp is more easily managed than ftp in the long run (Both Server and Client). ps. I also use ssh to forward 3389, the M$ Terminal Server (even XP has one), no need for PC ANYWHERE. If you need to solve problem remotely, you don't need to open another port (PC ANYWHERE needs 2). J. >> >> > Running an FTP behind a home DSL router is perfectly possible. You > will just have to open a range of ports on the router itself eg > 25000-25050 and forward them to your ftp server internal IP > address. Then set the FTP server to only use these ports for > passive transfers. > > For example, I am using ftp/proftpd and have this directive in the > configuration file: > > PassivePorts 25000-25050 > > You will, of course, need to forward port 21 as well. > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "freebsd-questions- > unsubscribe@freebsd.org"