Date: Wed, 05 Jun 2002 21:29:31 -0800 From: Mark-Nathaniel Weisman <mark@outlander.us> To: <questions@freebsd.org> Subject: Re: More Natd? Message-ID: <B924333A.5BB3%mark@outlander.us> In-Reply-To: <200206060226.g562Q7N13430@mail019.syd.optusnet.com.au>
next in thread | previous in thread | raw e-mail | index | archive | help
Just out of curiosity, do you remember the other port I've got to open in my firewall? Do you know where I can find the documentation on what you're saying? I need to get this open. I'd appreciate it greatly. His Faithful Servant, Mark > From: "Michael Ross" <satare@optusnet.com.au> > Date: Thu, 06 Jun 2002 12:26:07 +1000 > To: "Mark-Nathaniel Weisman" <mark@outlander.us> > Cc: <questions@freebsd.org> > Subject: Re: More Natd? > >> Mark-Nathaniel Weisman <mark@outlander.us> wrote: >> #redirect_port tcp 10.0.0.1:http 80 >> #redirect_port tcp 10.0.0.1:https 443 >> #redirect_port tcp 10.0.0.1:ftp-data 20 >> #redirect_port tcp 10.0.0.1:ftp 21 >> >> Obviously without the hashmarks, and without quote marks however, my >> port 21 redirect does not work. Any ideas? > > afaik, your port 21 redirect will not work because you are > trying to do nat on ftp. The problem if I remember right is > that when people transfer files in "active-ftp" mode, the ftp > daemon opens another port number to talk back to the person > via. > > The new port should be able to connect out to the user by > will not allow the user to connect back in (because it isn't > being nat'd) > > how to solve it is to run passive ftp.. or you might be able > to look at dynamic rules under ipfw.. not sure on the dynamic > rules part though. > > hope this helps, > > Michael Ross > satare@optusnet.com.au > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?B924333A.5BB3%mark>