Date: Thu, 06 Jun 2002 12:26:07 +1000 From: Michael Ross <satare@optusnet.com.au> To: Mark-Nathaniel Weisman <mark@outlander.us> Cc: questions@freebsd.org Subject: Re: More Natd? Message-ID: <200206060226.g562Q7N13430@mail019.syd.optusnet.com.au>
next in thread | raw e-mail | index | archive | help
> Mark-Nathaniel Weisman <mark@outlander.us> wrote: > #redirect_port tcp 10.0.0.1:http 80 > #redirect_port tcp 10.0.0.1:https 443 > #redirect_port tcp 10.0.0.1:ftp-data 20 > #redirect_port tcp 10.0.0.1:ftp 21 > > Obviously without the hashmarks, and without quote marks however, my > port 21 redirect does not work. Any ideas? afaik, your port 21 redirect will not work because you are trying to do nat on ftp. The problem if I remember right is that when people transfer files in "active-ftp" mode, the ftp daemon opens another port number to talk back to the person via. The new port should be able to connect out to the user by will not allow the user to connect back in (because it isn't being nat'd) how to solve it is to run passive ftp.. or you might be able to look at dynamic rules under ipfw.. not sure on the dynamic rules part though. hope this helps, Michael Ross satare@optusnet.com.au To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200206060226.g562Q7N13430>