From owner-freebsd-questions@FreeBSD.ORG Fri Jan 21 16:09:23 2005 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 686B016A4CE for ; Fri, 21 Jan 2005 16:09:23 +0000 (GMT) Received: from mail16.speakeasy.net (mail24.sea5.speakeasy.net [69.17.117.26]) by mx1.FreeBSD.org (Postfix) with ESMTP id 2E1D143D2D for ; Fri, 21 Jan 2005 16:09:23 +0000 (GMT) (envelope-from freebsd-questions-local@be-well.ilk.org) Received: (qmail 26062 invoked from network); 21 Jan 2005 16:09:23 -0000 Received: from dsl092-078-145.bos1.dsl.speakeasy.net (HELO be-well.ilk.org) ([66.92.78.145]) (envelope-sender ) by mail16.speakeasy.net (qmail-ldap-1.03) with SMTP for ; 21 Jan 2005 16:09:22 -0000 Received: by be-well.ilk.org (Postfix, from userid 1147) id 6BB647E; Fri, 21 Jan 2005 11:09:22 -0500 (EST) Sender: lowell@be-well.ilk.org To: Lucas Holt References: From: Lowell Gilbert Date: 21 Jan 2005 11:09:22 -0500 In-Reply-To: Message-ID: <441xcesr0t.fsf@be-well.ilk.org> Lines: 45 User-Agent: Gnus/5.09 (Gnus v5.9.0) Emacs/21.3 MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii cc: FreeBSD Questions Subject: Re: ftp/fetch can not connect to ftp sites. X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list Reply-To: FreeBSD Questions List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 21 Jan 2005 16:09:23 -0000 Lucas Holt writes: > I am running FreeBSD 5.3 Release p4, upgraded from 5.2.1. Prior to > 5.3 p4, I was able to use command line ftp and fetch to access ftp > sites. Since the upgrade I have not been able to. I can not connect > to ftp.freebsd.org (or mirrors), ftp.x.org, etc. Any port using an > http server works fine using portupgrade, but with about 30 ports to > upgrade its kind of annoying to manually fetch files :) > > I do have ipfw setup and running. It is possible that it is a config > issue with ipfw, but I am doubtful. The kernel does not have inet6 > (ip6) compiled in and occasionally I see the ftp client resolving ip6 > addresses which I find odd. It often does this resolving > ftp.freebsd.org which I think is hosted at ISC. I've tried ipfw > disable firewall and kldunload'ing the ipfw extension in the kernel. > I can connect to ftp sites using firefox in x11 and from Linux & > windows on the same box with the same ip defined. My cable modem > router has this system setup as the dmz. I looked at the fetch man > page and it has an environment variable (man 3 fetch) > FTP_PASSIVE_MODE. I've toggled this to yes and no in the environment > with no effect. > > Also, I happen to have ip_portrange_first and ip_portrange_last set in > /etc/rc.conf to 4000 and 8000 respectively. The system has a custom > built kernel with SMP enabled as I have a dual xeon w/ htt disabled. > > I am at a loss why this is not working. Since I got the cable modem, > I've noticed that pasv mode connections are flaky and i usually have > to switch to port in windows ftp apps especially if the server on the > other end is behind a firewall. I've tried toying with command line > flags to ftp also. Sometimes -4 -A -a will get me into some ftp > servers command line. It sounds like you have a new firewall (intentionally or not) in the form of your cable "modem." Why do you have the portrange set low? The fact that you apparently have similar problems under other operating systems may indicate that FreeBSD can't actually solve this for you. If your cable modem is doing firewalling (or, even more insidious, NAT) without your knowledge, then you will need to understand just how it is configured before you can make any progress at all. -- Lowell Gilbert, embedded/networking software engineer, Boston area http://be-well.ilk.org/~lowell/