From owner-freebsd-questions Sat Jun 2 17:27:42 2001 Delivered-To: freebsd-questions@freebsd.org Received: from hotmail.com (f196.law9.hotmail.com [64.4.9.196]) by hub.freebsd.org (Postfix) with ESMTP id C11E637B422 for ; Sat, 2 Jun 2001 17:27:40 -0700 (PDT) (envelope-from thierryblack@hotmail.com) Received: from mail pickup service by hotmail.com with Microsoft SMTPSVC; Sat, 2 Jun 2001 17:27:40 -0700 Received: from 142.165.70.131 by lw9fd.law9.hotmail.msn.com with HTTP; Sun, 03 Jun 2001 00:27:40 GMT X-Originating-IP: [142.165.70.131] From: "Thierry Black" To: freebsd-questions@freebsd.org Subject: FTP and firewall--HELP Date: Sat, 02 Jun 2001 18:27:40 -0600 Mime-Version: 1.0 Content-Type: text/plain; format=flowed Message-ID: X-OriginalArrivalTime: 03 Jun 2001 00:27:40.0589 (UTC) FILETIME=[FF9B45D0:01C0EBC3] Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG help please kind people! :) I need to set up a FTP serever, no virtual hosts, no anon, just user accounts. User accounts need to be chrooted (/etc/ftpchroot works fine). For those requirements, the stock daemon works fine, but I can't firewall the freaking thing to save my life. But without opening virtually all ports 1024 and up, how can I effectively use FTP in a firewall? I seem to be able to get connections to work, but any PASSIVE transfers fail due to blocked ports. Disabling the firewall corrects the problem. Non-passive transfers also work, but too many clients enable passive mode by default. _________________________________________________________________________ Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message