Proxy / FTP problem

To: debian-firewall@lists.debian.org
Subject: Proxy / FTP problem
From: "Pieter E Smit" <smitpe@clover.co.za>
Date: Mon, 7 Jun 1999 17:24:38 +0200
Message-id: <[🔎] 42256789.00556493.00@clover.co.za>


The problem,

We connect to ftp server on the public side of the firewall.
Problem:   ftp port moved to 1112, does not support passive mode.
          Only one ip allowed on ftp server (need nat).

Address translation work's fine for all except ftp, the control connection still
fine, but the data connection is a problem.

My understanding. :   For address translation to work with normal ftp , the ftp
packet containing the port command, specifying the port the server must use to
connect back to the client, must be intercepted by the firewall, ip changed, and
incoming on the specified port forwarded back to the original host.

How does Debian / Linux handle address translations, and funny protocols like
ftp, that open connections from the wrong side of a fire-wall ?

Is there prox's for ftp, that support non standard port's ?

Thanks for any info.

Pieter Smit.

Reply to:

Follow-Ups:
- Re: Proxy / FTP problem
  - From: Daniel ANDRE <dandre@iris-tech.fr>

Prev by Date: Lets get active
Next by Date: Re: Proxy / FTP problem
Previous by thread: Lets get active
Next by thread: Re: Proxy / FTP problem
Index(es):
- Date
- Thread