From owner-freebsd-questions Mon Feb 4 11: 1:42 2002
Delivered-To: freebsd-questions@freebsd.org
Received: from relay03.roc.frontiernet.net (alteon01h.roc.frontiernet.net [66.133.130.238]) by hub.freebsd.org (Postfix) with SMTP id 68B7C37B42C for ; Mon, 4 Feb 2002 11:01:30 -0800 (PST)
Received: (qmail 17271 invoked from network); 4 Feb 2002 19:01:28 -0000
Received: from unknown (HELO blacklamb.mykitchentable.net) ([207.173.227.80]) (envelope-sender ) by relay03.roc.frontiernet.net (qmail-ldap-1.03) with SMTP for ; 4 Feb 2002 19:01:28 -0000
Received: from tagalong (unknown [165.107.42.196]) by blacklamb.mykitchentable.net (Postfix) with SMTP id 47275EE6C3 for ; Mon, 4 Feb 2002 09:35:13 -0800 (PST)
Message-ID: <00b901c1ada2$4d304200$c42a6ba5@lc.ca.gov>
From: "Drew Tomlinson"
To:
Subject: Active FTP Through Firewall?
Date: Mon, 4 Feb 2002 09:35:03 -0800
MIME-Version: 1.0
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2600.0000
X-MIMEOLE: Produced By Microsoft MimeOLE V6.00.2600.0000
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
List-ID:
List-Archive: (Web Archive)
List-Help: (List Instructions)
List-Subscribe:
List-Unsubscribe:
X-Loop: FreeBSD.ORG

I'm using ipfw on 4.5-Release. I have created a rule set based on the rc.firewall.current script found at http://www.bsdtoday.com/2000/December/Features359.html and have been using it successfully for several months. Passive FTP transfers initiated from the inside will work through the firewall just fine. However, active transfers do not. I'd like to get active transfers working so that my backup software can update its virus protection data files without my intervention. Is there a rule I can add to open port 20 when I initiate an FTP transfer? I have seen the punch_fw option in natd but I am not using natd (NAT is handled by my DSL modem/router).

I've searched Google but have not found a definitive answer, although I suspect I cannot do what I want. Can anyone confirm or deny my suspicions?

Thanks,

Drew

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message