Date: Sat, 10 Sep 2005 11:20:35 -0400 From: Chuck Swiger <cswiger@mac.com> To: Peter Rosa <prosa@pro.sk> Cc: FreeBSD IPFW <freebsd-ipfw@freebsd.org> Subject: Re: IPFW2+NAT stateful rules VS. FTP Message-ID: <4322F9C3.10407@mac.com> In-Reply-To: <001501c5b616$0fb62c20$3501a8c0@pro.sk> References: <001501c5b616$0fb62c20$3501a8c0@pro.sk>
next in thread | previous in thread | raw e-mail | index | archive | help
Peter Rosa wrote: [ ... ] > Or is it better to use /etc/nad.conf to redirect all incomming connections > on ports 20 and 21 to localhost? > > Any help is *very* appreciated :-) If you use "passive mode" FTP, that ought to work fine. If you use "active mode" FTP, you ought to use the FTP proxying built into NATD (see the -use_sockets and -punch_fw options), which is aware of the FTP data channel. You should not attempt to use port forwarding when you are also using NAT unless you know what you are doing. Without special measures being taken on the machine being forwarded to, it will ignore such traffic because the IP addresses won't match. -- -Chuck
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4322F9C3.10407>