From owner-freebsd-questions Thu May 11 14:10:14 2000
Delivered-To: freebsd-questions@freebsd.org
Received: from ntr.net (ha1.ntr.net [206.112.0.10]) by hub.freebsd.org (Postfix) with ESMTP id 0B88237BA0E for ; Thu, 11 May 2000 14:10:07 -0700 (PDT) (envelope-from steffen@ntr.net)
Received: from ws028 ([208.60.70.194]) by ntr.net (8.9.3/8.9.3) with SMTP id RAA21410 for ; Thu, 11 May 2000 17:11:11 -0400 (EDT)
Message-ID: <002b01bfbb8d$744958d0$fd03a8c0@ws028>
From: "Steffen Vorrix"
To:
Subject: Firewall Problem?
Date: Thu, 11 May 2000 17:11:19 -0400
MIME-Version: 1.0
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 5.00.2919.6700
X-MimeOLE: Produced By Microsoft MimeOLE V5.00.2919.6700
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

Okay, I am having a problem that I don't understand, and I believe that it is in some way related to our internal FreeBSD firewall. This firewall was put in place by a vendor that we are no longer doing business with, and I am very much a newbie to FreeBSD, so there may be something obvious here that I am missing, but let me explain what is happening.

                 |-----------------------|
                 |       Internet        |
                 |-----------------------|

     208.60.70.x                        205.198.90.x
     |---------|                        |---------|
     | FreeBSD |                        | FreeBSD |
     |---------|                        |---------|
     192.168.3.x                        192.168.0.x

 |-----------------|                |-----------------|
 | Private Network |                | Private Network |
 |-----------------|                |-----------------|

     |--------|             |-------------|   |-------------|
     | Client |             | FTP Server1 |   | FTP Server2 |
     |--------|             |-------------|   |-------------|
 192.168.3.x Address         205.198.90.x      205.198.90.x+1  ---> "Public" Address
                             192.168.0.2       192.168.0.6     ---> Private Address

Okay, I am trying to connect to FTP Server 2, and I am having real trouble from my client piece. Here is what happens. I open a connection, and get prompted for a user name, then a password.
I am authenticated properly, and brought to the system prompt. However, if I issue a dir or ls or get or anything else, the server accepts the command, says opening port for blah blah, then just appears to stop responding. If I am using the Microsoft client from the command prompt, I actually have to end the DOS box, as the client will not ctrl-c break.

The interesting thing is that I can connect to Server 1 without a single problem. I can get files without issue. And here is the other interesting part. Anyone from other Internet connections can FTP to Server 2 without ANY trouble, so it would appear to be something that MY firewall is doing where my client is located. I have waxed every IPFW rule, and am running with the very basic rule set on my client end:

    00010 divert 8668 ip from any to any via fxp0
    00015 allow ip from any to any

This is the ONLY thing that is not working, and I am COMPLETELY baffled. Oh, and I can't FTP to Server 2 from the FreeBSD console either.

HELP PLEASE! I really need to get this working, but I don't know what is going on. I can send tcpdump logs from both FreeBSD firewalls, from both "public" and "private" addresses if this is helpful. If this is confusing, please let me know and I can clarify.