From owner-freebsd-questions Tue Mar 6 23:23:51 2001 Delivered-To: freebsd-questions@freebsd.org Received: from mx1.dev.itouchnet.net (mx1.dev.itouchnet.net [196.14.181.66]) by hub.freebsd.org (Postfix) with ESMTP id B1E5837B718 for ; Tue, 6 Mar 2001 23:23:42 -0800 (PST) (envelope-from bvi@devco.net) Received: from nobody by mx1.dev.itouchnet.net with scanned_ok (Exim 3.16 #1) id 14aYMW-000GFs-00 for freebsd-questions@freebsd.org; Wed, 07 Mar 2001 09:27:56 +0200 Received: from [196.14.181.39] (helo=e0-ter-fw1.dev.itouchnet.net) by mx1.dev.itouchnet.net with esmtp (Exim 3.16 #1) id 14aYMW-000GFd-00 for freebsd-questions@freebsd.org; Wed, 07 Mar 2001 09:27:56 +0200 Received: from daemon.prv.dev.itouchnet.net ([192.168.8.10]) by e0-ter-fw1.dev.itouchnet.net with esmtp (Exim 3.15 #1) id 14aYLE-0004KC-00 for freebsd-questions@freebsd.org; Wed, 07 Mar 2001 09:26:36 +0200 Received: from bvi by daemon.prv.dev.itouchnet.net with local (Exim 3.16 #1) id 14aYLq-000Or1-00; Wed, 07 Mar 2001 09:27:14 +0200 Date: Wed, 7 Mar 2001 09:27:14 +0200 From: Barry Irwin To: "G. Jason Middleton" Cc: freebsd-questions@freebsd.org Subject: Re: forwarding ftp requests using natd Message-ID: <20010307092714.F79442@devco.net> References: Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: ; from gmiddl1@gl.umbc.edu on Wed, Mar 07, 2001 at 01:07:11AM -0500 X-Checked: This message has been scanned for any virusses and unauthorized attachments. X-iScan: Version $Id: iScan,v 1.26 2000/10/08 14:12:55 rip Exp $ Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Wed 2001-03-07 (01:07), G. Jason Middleton wrote: > > here is how my network is set up > > running natd of course > > internet ip is on de0 65.... > internal ip is on dc0 192.168.0.1 > > the ftp server is 192.168.0.200 > > how do i forward outside requests to the ftp server? > > I have tried natd -redirect_port tcp 10.0.0.2:23 23 -interface pe0 > using my own ip address of course but i go the following error > > natd: Unable to bind divert socket.: Address already in use Have you got another natd already listening/running ? Remember you need to use ipfw rules to pass packets to natd (man ipfw) Also the port you need is port 21 (ftp-command) rather than 23 (telnet). Be aware tho that there are some problems with running an ftp server behind a natd, in that if the client is also behind a nat box/firewall, they will not be able to connect due to the issues involved in active/passive opens. The best solution I have found is to run a ftp gateway on the firewall box. This allows for full active/passive connections, with the minimum of fuss. have a look at jftpgw http://www.mcknight.de/jftpgw/ Barry To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message