From owner-freebsd-newbies@FreeBSD.ORG Fri Feb 18 12:49:14 2005 Return-Path: Delivered-To: freebsd-newbies@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 0756B16A4CE for ; Fri, 18 Feb 2005 12:49:14 +0000 (GMT) Received: from smtp05.mrf.mail.rcn.net (smtp05.mrf.mail.rcn.net [207.172.4.64]) by mx1.FreeBSD.org (Postfix) with ESMTP id 414B243D54 for ; Fri, 18 Feb 2005 12:49:11 +0000 (GMT) (envelope-from crzdgns1@starpower.net) Received: from ms07.mrf.mail.rcn.net (207.172.4.13) by smtp05.mrf.mail.rcn.net with ESMTP; 18 Feb 2005 07:48:12 -0500 X-IronPort-AV: i="3.90,98,1107752400"; d="scan'208"; a="5997550:sNHT20783864" Received: from 216.15.60.30 by ms07.mrf.mail.rcn.net (MOS 3.5.6-GR) with HTTP/1.1; Fri, 18 Feb 2005 07:48:10 -0500 Date: Fri, 18 Feb 2005 07:48:10 -0500 From: To: freebsd-newbies@freebsd.org X-Mailer: Mirapoint Webmail Direct 3.5.6-GR MIME-Version: 1.0 Message-Id: <8272bee3.d08cf70f.81b8900@ms07.mrf.mail.rcn.net> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Subject: FTP Client and IPFilter X-BeenThere: freebsd-newbies@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Gathering place for new users List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 18 Feb 2005 12:49:14 -0000 Hello, This ia a slightly longer post and I am not sure if it belongs here or in freebsd-questions. If it belongs in freebsd-questions, please let me know and I will post it there. Now then... I think I am beginning to accept the fact that I can't read, so I'll just state that condition from the beginning. I have installed FreeBSD-5.3-RELEASE and use IPFilter as my firewall. I have only one machine, with a cable modem connection to the internet. I have been following the directions in the Handbook, or so I thought, until yesterday. Yesterday I posted a message here titled something like "Which FTP do I have?" and received many helpful replies. Thank you! My FTP client still doesn't work and the reason it doesn't work is, I believe, I didn't follow the directions, which I discovered upon further reading of the handbook last night. My questions for today are mostly for clarification of what is written in the handbook, starting at section 24.5.18, Enabling IPNAT. I do not currently have IPNAT enabled. Given that I am a homeuser with only one machine, must I have IPNAT enabled for FTP to work properly? The ipf.rules in the handbook seem to indicate so, but I would appreciate confirmation. Secondly, the first rule in section 24.5.18 enables the computer as a gateway. I was under the impression that it is wisest not to use this rule unless you genuinely intend to use the machine in question as a gateway. Am I correct? If so, can I leave the first rule out and just include the second and third rules and still expect the IPNAT FTP proxy to function? Thirdly, I am trying to follow the directions, believe it or not. Assume for the moment that I use all three rules listed in 24.5.18 of the handbook. Since I have only one computer, can I then skip directly to section 24.5.21.1, IPNAT Rules, add the three rules there, and then have a reasonable expectation that FTP will work properly from behind my firewall? Again, I am using the ipf.rules listed in the handbook. Thanks, Mark