Date: Wed, 3 Dec 2003 22:51:50 -0300 (ART) From: Fernando Gleiser <fgleiser@cactus.fi.uba.ar> To: fbsd_user <fbsd_user@a1poweruser.com> Cc: "freebsd-questions@FreeBSD. ORG" <freebsd-questions@FreeBSD.ORG> Subject: Re: IPFILTER & active ftp client Message-ID: <20031203224825.Q94848-100000@cactus.fi.uba.ar> In-Reply-To: <MIEPLLIBMLEEABPDBIEGKEGFEPAA.fbsd_user@a1poweruser.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, 3 Dec 2003, fbsd_user wrote: > > I have this rule in my Nat rules file. I can see my filter rule > allow the FTP request to pass through, but I don't see packet return > back on high port number for data transmission. IT looks like the > NAT proxy is not opening hole for return data port. > > The Nat rules I am using follow > # Provide special NAT services for Active FTP from LAN users. > map rl0 0/0 -> 0/32 proxy port 21 ftp/tcp is rl0 your external interface? Besides, I've had problems with this setup. Change it to map rl0 10.0.10.0/29 -> 0/32 proxy port 21 ftp/tcp Fer
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20031203224825.Q94848-100000>