From owner-freebsd-questions@FreeBSD.ORG Thu Sep 7 19:01:11 2006 Return-Path: X-Original-To: freebsd-questions@freebsd.org Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id B9B0616A4E0 for ; Thu, 7 Sep 2006 19:01:11 +0000 (UTC) (envelope-from admin2@enabled.com) Received: from typhoon.enabled.com (typhoon.enabled.com [216.218.220.21]) by mx1.FreeBSD.org (Postfix) with ESMTP id 7664D43D69 for ; Thu, 7 Sep 2006 19:01:10 +0000 (GMT) (envelope-from admin2@enabled.com) Received: from [172.24.241.5] (natint3.juniper.net [66.129.224.36]) (authenticated bits=0) by typhoon.enabled.com (8.13.8/8.13.8) with ESMTP id k87J182R047611 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Thu, 7 Sep 2006 12:01:10 -0700 (PDT) (envelope-from admin2@enabled.com) Message-ID: <45006C4E.4060001@enabled.com> Date: Thu, 07 Sep 2006 12:00:30 -0700 From: Noah User-Agent: Thunderbird 1.5.0.5 (Macintosh/20060719) MIME-Version: 1.0 To: freebsd-questions@freebsd.org Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-Content-Filtered-By: Mailman/MimeDel 2.1.5 Subject: rc.firewall rule for passive FTP from FTP server side X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 07 Sep 2006 19:01:11 -0000 It appears that FTP clients using FTP are not able to interact passively with my FTP server. I am wondering if there is a rule somebody could point me to that works rather well. ${ip} is the IP address fo the server (not the client). this does not work. ---- snip ---- #/** Allow setup of FTP PASSIVE **/ ${fwcmd} add allow tcp from ${ip} to any 1024-65534 keep-state ${fwcmd} add allow tcp from ${ip} to any 21 keep-state --- snip ---- cheers, Noah