Date: Sun, 30 Dec 2001 12:30:41 +0100 From: J.S. <johann@broadpark.no> To: freebsd-questions@freebsd.org Subject: HELP! Cisco 677i-DIR ADSL-router/modem causing annoyance! Message-ID: <20011230123041.6307bae9.johann@broadpark.no>
next in thread | raw e-mail | index | archive | help
Hello again,
This must be the 3rd time I post this message. And I'm going to keep doing
so untill somebody helps me =)
Anyone here with an Cisco 677i-DIR ADSL-router running NAT between you and
you ISP? Which happens to requires a port redirection entry through telnet
each time you want to open a new port?
I'm on an ADSL connection with one static IP. I'm not running NAT, the
Cisco is. And I find it hard sometimes getting my will when a black ugly
box is blocking my entrance.
All ordinary daemons; SSHD, FTPD, BIND, Apache etc. works great. This is
the commands that I've so far added to the router:
ftpd/sshd: set nat entry add 10.0.0.2 20-22 0.0.0.0 20-22 tcp
www: set nat entry add 10.0.0.2 80 0.0.0.0 80 tcp
bind: set nat entry add 10.0.0.2 53 0.0.0.0 53 tcp
identd: set nat entry add 10.0.0.2 113 0.0.0.0 113 tcp
I'm a bit uncertain, however, when it comes to opening a port or range of ports
to get passive FTP mode working on my virtual ProFTPD server (port 2001), as well
as DCC in Irssi. I've heard those services go through the IANA-registered
ephemeral port-range (49152-65535);
sysctl net.inet.ip.portrange.hifirst
/net.inet.ip.portrange.hilast
So I went ahead opening those ports as well. Just about to close them
though. Passive and DCC is not working. Incoming DCC file transfers are,
according to Irssi, coming from ports way lower -- i.e. 4384. That can't
be right?
What do I open and what do I not?
Thanks.
Regards,
Johann
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20011230123041.6307bae9.johann>