Date: Thu, 27 Dec 2001 19:06:01 -0300 (ART) From: Fernando Gleiser <fgleiser@cactus.fi.uba.ar> To: Darryl Hoar <darryl@osborne-ind.com> Cc: <freebsd-questions@FreeBSD.ORG> Subject: Re: ftp & FreeBSD firewall Message-ID: <20011227190259.S79964-100000@cactus.fi.uba.ar> In-Reply-To: <000001c18f1f$8fa66750$0701a8c0@darryl>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, 27 Dec 2001, Darryl Hoar wrote: > Greetings, > I built a Freebsd firewall according to the instructions at > http://www.schlacter.net:8500/public/FreeBSD-STABLE_and_IPFILTER.html > > The firewall/router is working fine. > > My network consists mostly of Windows PC's. Since I've put the firewall > in place, they have been unable to use ftp to retrieve files from the web. > I have tried cuteftp, ws_ftp and microsofts ftp clients on these windows > machines. I have set them up to use passive , but the firewall settings > in these clients don't make sense. > > What do I need to do to safely let my Windows users use ftp to retrieve/put > files on the internet ? If you are using ipf, you can use ipnat's built in ftp proxy. Just add a line map xl0 192.168.1.0/24 -> 0/32 proxy port ftp ftp/tcp to the top of your ipnat.rules file (change xl0 to match your external interface). and then reload the nat rules: # ipnat -FC -f /etc/ipnat.rules Fer > > I can't update all the pc's to FreeBSD, at least not yet. > > thanks for ideas, > > Darryl > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-questions" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20011227190259.S79964-100000>