From: Mark-Nathaniel Weisman
Date: Wed, 05 Jun 2002 21:29:31 -0800
Subject: Re: More Natd?
Sender: owner-freebsd-questions@FreeBSD.ORG

Just out of curiosity, do you remember the other port I've got to open in my firewall? Do you know where I can find the documentation on what you're saying? I need to get this open. I'd appreciate it greatly.

His Faithful Servant,
Mark

> From: "Michael Ross"
> Date: Thu, 06 Jun 2002 12:26:07 +1000
> To: "Mark-Nathaniel Weisman"
> Subject: Re: More Natd?
>
>> Mark-Nathaniel Weisman wrote:
>> #redirect_port tcp 10.0.0.1:http 80
>> #redirect_port tcp 10.0.0.1:https 443
>> #redirect_port tcp 10.0.0.1:ftp-data 20
>> #redirect_port tcp 10.0.0.1:ftp 21
>>
>> Obviously without the hashmarks, and without quote marks however, my
>> port 21 redirect does not work. Any ideas?
>
> afaik, your port 21 redirect will not work because you are
> trying to do nat on ftp. The problem if I remember right is
> that when people transfer files in "active-ftp" mode, the ftp
> daemon opens another port number to talk back to the person
> via.
>
> The new port should be able to connect out to the user but
> will not allow the user to connect back in (because it isn't
> being nat'd)
>
> how to solve it is to run passive ftp.. or you might be able
> to look at dynamic rules under ipfw.. not sure on the dynamic
> rules part though.
>
> hope this helps,
>
> Michael Ross
> satare@optusnet.com.au
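
An added example, not part of either poster's message: FTP negotiates the address and port of each data connection inside the control channel (the `PORT` command and the `227` reply to `PASV`), so this sketch decodes that tuple and checks it against the `redirect_port` lines quoted in the thread. The function names and the two sample control lines are constructed for illustration.

```python
import ipaddress
import re

# natd.conf lines quoted in the thread, hash marks removed as the poster describes.
NATD_CONF = """\
redirect_port tcp 10.0.0.1:http 80
redirect_port tcp 10.0.0.1:https 443
redirect_port tcp 10.0.0.1:ftp-data 20
redirect_port tcp 10.0.0.1:ftp 21
"""
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
# h1,h2,h3,h4,p1,p2 as carried by PORT and by the 227 reply to PASV.
HOSTPORT = re.compile(r"\b(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3})\b")

def redirected_ports(conf):
    """Public TCP ports that the redirect_port lines forward inward."""
    ports = set()
    for line in conf.splitlines():
        fields = line.split()
        if len(fields) == 4 and fields[:2] == ["redirect_port", "tcp"]:
            ports.add(int(fields[3]))
    return ports

def data_endpoint(control_line):
    """Decode (ip, port) from a PORT command or a 227 PASV reply."""
    m = HOSTPORT.search(control_line)
    if m is None:
        raise ValueError("no h1,h2,h3,h4,p1,p2 tuple in line")
    nums = [int(g) for g in m.groups()]
    if any(n > 255 for n in nums):
        raise ValueError("field out of range")
    ip = ipaddress.ip_address(".".join(str(n) for n in nums[:4]))
    return ip, nums[4] * 256 + nums[5]      # port = p1 * 256 + p2

def check(control_line, conf=NATD_CONF):
    """Report where the data connection will go and whether a redirect covers it."""
    ip, port = data_endpoint(control_line)
    return {"ip": str(ip), "port": port,
            "rfc1918": any(ip in net for net in RFC1918),
            "covered_by_redirect": port in redirected_ports(conf)}

# Constructed control-channel lines, not taken from the thread.
SAMPLES = ["227 Entering Passive Mode (10,0,0,1,195,80)",  # server behind natd
           "PORT 192,0,2,44,4,1"]                          # client, active mode

if __name__ == "__main__":
    for line in SAMPLES:
        print(line, "->", check(line))
```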