Re: FTP Server behind firewall.
> I've set up wu-ftpd on a machine behind my firewall & forwarded port 21 to
> the internal machine. I've also set up wu-ftpd's "passive address" config
> The last bit that I'm stuck with is the actual firewall rules. I only
> users to connect to my ftp at once, so what is the best way to forward the
> ports I have defined in "passive address" to their matching ports on the
> internal server?
> I've defined 100 ports for use, so I'd rather not have to go through and
> define them all 1 by 1 if I can avoid it....
I had a look at using ftp behind a firewall, with the help of ipmasqadm and
the ip_masq_ftp module, and there is yet more to it. The kernel will time
out the control connection (I think) during long transfers using the data
Now I remembr investigating a patch for 2.2 kernels which purported to solve
the reliability problems, that would have occured, but as 2.2.16 and beyond
had security fixes which clashed, I took another approach, to avoid
tunneling ftp server through the firewall. This had also the benefit of not
having to educate Mac users in the difference between active and passive
I believe 2.4's iptables has been enhanced to simplify the handlign and make
this much easier, as it can track the connections, but I haven't used it