From owner-freebsd-questions@FreeBSD.ORG Thu Jan 15 04:50:20 2004 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 1DD1016A4CE for ; Thu, 15 Jan 2004 04:50:20 -0800 (PST) Received: from mta11.adelphia.net (mta11.adelphia.net [68.168.78.205]) by mx1.FreeBSD.org (Postfix) with ESMTP id EFF9443D64 for ; Thu, 15 Jan 2004 04:49:58 -0800 (PST) (envelope-from fbsd_user@a1poweruser.com) Received: from barbish ([67.20.101.103]) by mta11.adelphia.net (InterMail vM.5.01.06.05 201-253-122-130-105-20030824) with SMTP id <20040115124958.FAMT11898.mta11.adelphia.net@barbish>; Thu, 15 Jan 2004 07:49:58 -0500 From: "fbsd_user" To: "Hiren" , "FreeBSD-Questions" Date: Thu, 15 Jan 2004 07:49:58 -0500 Message-ID: MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook IMO, Build 9.0.6604 (9.0.2911.0) In-Reply-To: <1074159047.2398.3.camel@fbtab.h3p.co.za> Importance: Normal X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1165 Subject: RE: running ftpd in a jail X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list Reply-To: fbsd_user@a1poweruser.com List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 15 Jan 2004 12:50:20 -0000 Your problem is not with FTP, it's with how you have your firewall Nat configured to handle FTP. IPFW has punch rule and IPFILTER has ftp built in proxy rule. In both cases, when they see FTP session start they automatically create temp rules to allow both passive and active ftp through your firewall. You only need an single firewall rule to allow port 21 Check it out -----Original Message----- From: owner-freebsd-questions@freebsd.org [mailto:owner-freebsd-questions@freebsd.org]On Behalf Of Hiren Sent: Thursday, January 15, 2004 4:31 AM To: FreeBSD-Questions Subject: running ftpd in a jail greetings i am setting up a ftp server. since i prefer setting all services within jails, i thought i would setup ftpd within a jail. i was basically NATing the required ports to the jails. i realized that ftpd in passive mode was almost impossible to NAT since it uses a wide range of ports. i then resorted to NATing ports 20 and 21 and using active mode for my server. i wanted to know which mode is more secure and how would i go about setting up ftpd within a jail in passive mode. i would appreciate advice and comments thanks Hiren Patel _______________________________________________ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.org"