Re: Proxy / FTP problem

To: Pieter E Smit <smitpe@clover.co.za>
Cc: debian-firewall@lists.debian.org
Subject: Re: Proxy / FTP problem
From: Daniel ANDRE <dandre@iris-tech.fr>
Date: Mon, 07 Jun 1999 17:45:01 +0200
Message-id: <[🔎] 375BE8FC.91AB7942@iris-tech.fr>
References: <[🔎] 42256789.00556493.00@clover.co.za>


Pieter E Smit a écrit :

> The problem,
>
> We connect to ftp server on the public side of the firewall.
> Problem:   ftp port moved to 1112, does not support passive mode.
>           Only one ip allowed on ftp server (need nat).
>
> Address translation work's fine for all except ftp, the control connection still
> fine, but the data connection is a problem.
>
> My understanding. :   For address translation to work with normal ftp , the ftp
> packet containing the port command, specifying the port the server must use to
> connect back to the client, must be intercepted by the firewall, ip changed, and
> incoming on the specified port forwarded back to the original host.
>
> How does Debian / Linux handle address translations, and funny protocols like
> ftp, that open connections from the wrong side of a fire-wall ?
>
> Is there prox's for ftp, that support non standard port's ?

TIS Firewall Tool kit supports that.

Daniel ANDRE

Reply to:

References:
- Proxy / FTP problem
  - From: "Pieter E Smit" <smitpe@clover.co.za>

Prev by Date: Proxy / FTP problem
Next by Date: SOLVED by ProxyARP was: Problems I can't name proper :-(
Previous by thread: Proxy / FTP problem
Next by thread: rsync over proxy/firewall
Index(es):
- Date
- Thread