From owner-freebsd-questions@FreeBSD.ORG  Wed Sep 21 20:34:36 2005
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
X-Original-To: freebsd-questions@freebsd.org
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 60A4016A41F
	for <freebsd-questions@freebsd.org>;
	Wed, 21 Sep 2005 20:34:36 +0000 (GMT) (envelope-from cswiger@mac.com)
Received: from pi.codefab.com (pi.codefab.com [199.103.21.227])
	by mx1.FreeBSD.org (Postfix) with ESMTP id DF9DB43D46
	for <freebsd-questions@freebsd.org>;
	Wed, 21 Sep 2005 20:34:35 +0000 (GMT) (envelope-from cswiger@mac.com)
Received: from localhost (localhost [127.0.0.1])
	by pi.codefab.com (Postfix) with ESMTP id 6450C5D41;
	Wed, 21 Sep 2005 16:34:35 -0400 (EDT)
Received: from pi.codefab.com ([127.0.0.1])
	by localhost (pi.codefab.com [127.0.0.1]) (amavisd-new, port 10024)
	with ESMTP id 67059-05; Wed, 21 Sep 2005 16:34:33 -0400 (EDT)
Received: from [10.1.1.209] (nfw1.codefab.com [199.103.21.225])
	by pi.codefab.com (Postfix) with ESMTP id CAD075C6F;
	Wed, 21 Sep 2005 16:34:33 -0400 (EDT)
In-Reply-To: <200509211329.54314.kstewart@owt.com>
References: <20050921202013.15670.qmail@web53305.mail.yahoo.com>
	<200509211329.54314.kstewart@owt.com>
Mime-Version: 1.0 (Apple Message framework v734)
Content-Type: text/plain; charset=US-ASCII; delsp=yes; format=flowed
Message-Id: <15D7BC57-66ED-48E7-BF90-070D6B5F324C@mac.com>
Content-Transfer-Encoding: 7bit
From: Charles Swiger <cswiger@mac.com>
Date: Wed, 21 Sep 2005 16:34:13 -0400
To: Kent Stewart <kstewart@owt.com>
X-Mailer: Apple Mail (2.734)
X-Virus-Scanned: amavisd-new at codefab.com
Cc: FreeBSD Questions <freebsd-questions@freebsd.org>
Subject: Re: pls help for ipfw
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 21 Sep 2005 20:34:36 -0000

On Sep 21, 2005, at 4:29 PM, Kent Stewart wrote:
>> my box is running freebsd5.4 with natd and ipfw
>>
>> I have problem about ipfw rule for internal users to
>> access outside tftp server
>
> Did you allow tcp 20 & 21 for ftp.

FTP and TFTP aren't the same thing.

Also, if the original poster is using NAT, you have to coordinate  
settings in the natd configuration to punch holes dynamicly for the  
FTP data channel, see the example posted yesterday from the thread  
"Re: IPFW2+NAT stateful rules VS. FTP"...

-- 
-Chuck