Date: Mon, 10 May 1999 10:26:16 +0200 From: Thierry Herbelot <Thierry.Herbelot@alcatel.fr> To: Brian Somers <brian@Awfulhak.org> Cc: thierry.herbelot@alcatel.fr, questions <questions@FreeBSD.ORG> Subject: Re: Passive FTP with natd ? (FIXED) Message-ID: <37369828.6350383E@telspace.alcatel.fr> References: <199905071517.QAA00854@keep.lan.Awfulhak.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Hello, My problem came from the interaction of a restrictive firewall (using the "simple" template from rc.firewall) which denies socket setups coming from the TCP port nr 20. (it was not possible to get an FTP dowload from the Internet to the gateway either) I've added an "add pass tcp from any to any 20 setup" rule in the firewall ruleset (along with a deny setup from 20 to services running on the gateawy). And now, everything's fine (I've finally downloaded RH 6.0). In summary : natd does allow an incomong ftp data conection (and translates the port command), but the connection was denied by the firewall. Thanks to all who answered TfH Brian Somers wrote: > > [.....] > > Thus : is it possible to setup natd so as to modify FTP packets ? > > (is there a specific rule to insert into rc.firewall ?) > > > > TIA > > > > TfH > [.....] > > It already does - however, if you're not using the ftp port (21) to > send the PORT command, libalias won't look for anything.... > > Also, there was an egcs bug in libalias (fixed by Louqi) that stopped > the PORT command detection stuff working, but you said you sup'd in the > last week, so that shouldn't be the problem.... > > -- > Brian <brian@Awfulhak.org> <brian@FreeBSD.org> > <http://www.Awfulhak.org>; <brian@OpenBSD.org> > Don't _EVER_ lose your sense of humour ! <brian@uk.FreeBSD.org> > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-questions" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?37369828.6350383E>