Date: Sat, 19 Feb 2000 16:45:59 -0700 (MST) From: Charles Mott <cmott@scientech.com> To: questions@FreeBSD.ORG Cc: dc <admin@cyrebels.org> Subject: Re: Redirecting/mapping ports to a local machine... help! Message-ID: <Pine.LNX.4.10.10002191622380.8574-100000@if.scientech.com> In-Reply-To: <20000219180014.B60348@cc942873-a.ewndsr1.nj.home.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sat, 19 Feb 2000, Crist J. Clark wrote:
> On Sat, Feb 19, 2000 at 11:15:32AM -0700, Ivan Fetch wrote:
> > On Sat, 19 Feb 2000, dc wrote:
> > > Hi,
> > >
> > > i've got 2 computers, 1 on freebsd, the other on windows. They are
> > > sharing the net using natd. But i got a ftp server on port 42 of my
> > > windows box, and i want to make it available from the outside... i tried
> > > to do it with "redirect_port", here goes my natd.conf file:
> > >
> > >
> > > ### Configuration file for Natd
> > >
> > > alias_address 24.226.185.143
> > > redirect_port tcp 192.168.0.2:42 42
> > > redirect_port udp 192.168.0.2:42 42
> > >
> > > ### End
> > >
> > >
> > > then i launched "natd -conf /etc/natd.conf", both computers were sharing
> > > the net as before, though i couldn't access the ftp server from the
> > > outside.
> > >
> > > I can connect to the ftp server from the bsd box using the local ip
> > > (19.168.0.2)....
> >
> > Hello,
> > Your Windows FTP server does work on port 42:
> > ftp your_Internet_IP 42
> >
> > Connected to u-serv FTP...
> >
> > I am not sure if this is why things were not working when you tedted them,
> > but testing your ftp connection from inside your LAN (192.168.X.X) will
> > not work. Maybe telnet to another machine on the Internet and then try
> > FTPing back to your FreeBSD box for testing purposes.
>
> Doing FTP over a NAT box is problematic due to the two-channel nature
> of FTP. As far as I know, NAT cannot fully support the FTP protocol.
> --
> Crist J. Clark cjclark@home.com
>
>
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-questions" in the body of the message
>
It looks like "dc" is the originator of this thread. I think
this should actually work, although I do not see 24.226.185.143
as a live address right now. If "dc" could enable port 42
forwarding on a working IP address, I'll check what is going
one.
Here are the problem solving steps:
(1) Make a telnet connection to port 42 from the outside
through the natd box and verify that the control channel
is working as expected.
(2) In non-passive mode (the default), the FTP server will
originate data connections. In this case the FTP server
on the inside will initiate a data connection from port
20 that should be correctly aliased through the natd
box to the client machine. You can observe this traffic
by doing a tcpdump on the inside ethernet interface.
tcpdump -n -i <ethernet device> host 192.168.0.2
Natd also has a debugging mode showing how it is re-
writing the packets. This should be looked at also.
Running tcpdump and looking at packets always eliminates
quite a bit of confusion. I could be wrong, but I remember
mapping ftp to an inside server without any problems.
If you are trying to connect via a passive mode client,
then it would also be necessary to re-map the data port to
the inside.
Charles Mott
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.LNX.4.10.10002191622380.8574-100000>