Date: Thu, 13 Oct 2005 11:32:31 -0400 From: Chuck Swiger <cswiger@mac.com> To: Efren Bravo <efrenba@dhl.co.cu> Cc: freeBSD <freebsd-questions@freebsd.org> Subject: Re: ftp problem -ipfw with natd Message-ID: <434E7E0F.3070304@mac.com> In-Reply-To: <WorldClient-F200510131114.AA14000055@dhl.co.cu> References: <WorldClient-F200510131114.AA14000055@dhl.co.cu>
next in thread | previous in thread | raw e-mail | index | archive | help
Efren Bravo wrote: > Hi, > > I've problem with ipfw with natd to access from internal network to > internet ftp sites. From fbsd box i can access to ftp sites. > > vr0 = out interface > 6.34.60.15 = mi pc (winXP) > 8668 = natd <== Why on this rule ntad is tranlated to 8668? > > My rules: > --------- > ... > 00070 divert 8668 ip from any to any in via vr0 8668 is a local port which is commonly used for IPFW to redirect or divert traffic to natd, which is listening there. You can change IPFW and natd to use another port number, which can even be useful if you want to run two copies of natd. Anyway, to get FTP to work right through natd, you either need to use PASV (passive-mode FTP), or you need to put a punch_fw rule in your natd config file, like so: punch_fw 10000:1000 ...where 10000 is the starting rule number, and may need to be adjusted depending on your IPFW ruleset. -- -Chuck
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?434E7E0F.3070304>