From owner-freebsd-questions Tue May 25 14:37:58 1999 Delivered-To: freebsd-questions@freebsd.org Received: from megamail.megared.net.mx (megamail.megared.com.mx [207.249.162.252]) by hub.freebsd.org (Postfix) with SMTP id CF3FC15A18 for ; Tue, 25 May 1999 14:37:41 -0700 (PDT) (envelope-from ales@megared.net.mx) Received: from [207.249.163.249] by megamail.megared.net.mx (NTMail 3.03.0017/4c.ab3r) with ESMTP id xa242759 for ; Tue, 25 May 1999 16:34:57 -0500 Message-ID: <009801bea6f6$85912480$f9a3f9cf@megared.net.mx> From: =?iso-8859-1?Q?Alejandro_Ram=EDrez?= To: "Ed Keith" Cc: "freebsd-questions" References: <37488BDD.DDB88F1D@kew.com> <01f701bea602$067c2fe0$f9a3f9cf@megared.net.mx> <374A270C.E7FF8E42@kew.com> <014801bea6bf$fb8033c0$f9a3f9cf@megared.net.mx> <374AF773.68CC17E3@kew.com> Subject: RE: which ftp proxy? Date: Tue, 25 May 1999 16:35:33 -0500 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 8bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 5.00.2014.211 X-MimeOLE: Produced By Microsoft MimeOLE V5.00.2014.211 Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Hi, You should try to enable natd, it will do what you want, and its better than having a proxy server, anyway in one case or another, you will be routing packets fron one interface to another, you can´t avoid that, enabling natd its very simple, just set these lines in the /etc/rc.conf file: gateway_enable="YES" # Set to YES if this host will be a gateway. natd_enable="YES" # Enable natd (if firewall_enable == YES). natd_interface="fxp0" # Public interface to use with natd (it´s your outside interface). natd_flags="" # Additional flags for natd (see "man natd"). Ales ----- Original Message ----- From: Ed Keith To: Alejandro Ramírez Cc: freebsd-questions Sent: Tuesday, May 25, 1999 2:18 PM Subject: Re: which ftp proxy? > No packets get through the firewall. The firewall system is dual homed. No > packets are routed between the two addresses. (The internal network is > 192.168.19.x, so it would be very bad if packets were routed.) > If I want to ftp out I need to log onto the firewall machine and ftp from there > then ftp again (using an ftp server on the firewall that only connects to the > inside network) from the firewall to my desktop. > > -EdK > > Alejandro Ramírez wrote: > > > Hi, > > > > If you are behind a firewall, and the ports: > > > > ftp-data 20/tcp #File Transfer [Default Data] > > ftp-data 20/udp #File Transfer [Default Data] > > ftp 21/tcp #File Transfer [Control] > > ftp 21/udp #File Transfer [Control] > > > > aren´t specifically blocked out by your system administrator (that i don´t > > think they are), you must use the "passive" mode in ftp transfers, the > > "passive" mode must be used always that you are behind a firewall, this is a > > rule to have a good ftp session, if your system administrator did > > specifically blocked out this ports, you may ask him to unblock them out (in > > /etc/rc.firewall), since this is simpler than to install a proxy server. And > > if you want to have more security in your network, and you have already > > configured ipfw, then you may try to enable "natd" (network address > > translation), it will let you have private ip addresses in your network and > > go outside with a public address for all of your machines (instead of > > installing a proxy server) but you still will have to use the "passive" mode > > in ftp transfers. > > > > Ales > > > > ----- Original Message ----- > > From: Ed Keith > > To: Alejandro Ramírez > > Cc: freebsd-questions > > Sent: Monday, May 24, 1999 11:29 PM > > Subject: Re: which ftp proxy? > > > > > I don't think that will help since all packets are blocked by the > > firewall. > > > I think I need to use a proxy server. But I don't know which one would be > > > best for my needs. (very small network, light volume, newbe site admin., > > > paranoid domain administrator who may want me to justify why I picked the > > one > > > decide to use.) > > > > > > -EdK > > > > > > > > > Alejandro Ramírez wrote: > > > > > > > Hi, > > > > > > > > Try the "passive" option in the ftp program. > > > > > > > > Ales > > > > > > > > ----- Original Message ----- > > > > From: Ed Keith > > > > To: freebsd-questions > > > > Sent: Sunday, May 23, 1999 6:14 PM > > > > Subject: which ftp proxy? > > > > > > > > > I'm running FreeBSD 2.28 and ipfw. I want to install an ftp proxy so I > > > > > can connect to ftp sites from behind the firewall. What is > > recommended? > > > > > > > > > > Thanks in advance, > > > > > -EdK > > > > > > > > > > > > > > > > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > > > > > with "unsubscribe freebsd-questions" in the body of the message > > > > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > > > > with "unsubscribe freebsd-questions" in the body of the message > > > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-questions" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message