Date: Sun, 16 May 2004 19:16:28 +0200 From: Martin Schweizer <pcservi@spectraweb.ch> To: Gareth Bailey <blygar1@webmail.co.za> Cc: freebsd-questions@freebsd.org Subject: Re: FTP problem with IPFW Message-ID: <20040516171628.GB47884@saturn.pcs.ms> In-Reply-To: <web-309316714@mail01.infosat.net> References: <web-309316714@mail01.infosat.net>
next in thread | previous in thread | raw e-mail | index | archive | help
--ZoaI/ZTpAVc4A5k6 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Hello Gareth I had a long time to find a solution for this tricky problem. If you want I= =20 can send you my rc.firewall. Am Tue, May 11, 2004 at 05:13:14PM +0200 Gareth Bailey schrieb: > I have recently setup IPFW on my FreeBSD 5.2 Release > server. I am running natd to provide inet to 5 LAN users. > It also runs mail, apache web server amongst others.=20 >=20 > All seems to be working fine, except for FTP. >=20 > The first two lines of my firewall file are: >=20 > add 1000 allow tcp from any to any via ed0 out keep-state > add 1100 allow udp from any to any via ed0 out keep-state >=20 > ... then later in the file: >=20 > add 3600 allow tcp from any to me dst-port 21 in via ed0 > setup keep-state=20 >=20 > I thought this would be sufficient to establish and > maintain FTP connections. I read through the mailing lists > and it seems that FTP is tricky with IPFW and natd. >=20 > Is there a simple solution to this problem? Can i just add > some other rule to my firewall? I read something about natd > punching through IPFW, is this the answer? >=20 > Any information will be mouch appreciated. >=20 > Thanks, > Gareth (IPFW newbie) > _____________________________________________________________________ > For super low premiums ,click here http://www.dialdirect.co.za/quote > _______________________________________________ > freebsd-questions@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-questions > To unsubscribe, send any mail to "freebsd-questions-unsubscribe@freebsd.o= rg" --=20 Regards, Martin Schweizer <info@pc-service.ch> PC-Service M. Schweizer; Gewerbehaus Schwarz; CH-8608 Bubikon Tel. +41 55 243 30 00; Fax: +41 55 243 33 22; http://www.pc-service.ch; public key : http://www.pc-service.ch/pgp/public_key.asc;=20 fingerprint: EC21 CA4D 5C78 BC2D 73B7 10F9 C1AE 1691 D30F D239; --ZoaI/ZTpAVc4A5k6 Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.7 (FreeBSD) iD8DBQFAp6Hswa4WkdMP0jkRApvSAKClkXsMTQn92HcK2ZHHfwhD5AEl8gCgiif9 pbQ/iYp2iC+HYa0hw1tWM0k= =Bu+B -----END PGP SIGNATURE----- --ZoaI/ZTpAVc4A5k6--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20040516171628.GB47884>