[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: your mail - sorry for empty subject.

Quoting -= dara =- <daramannen@hotmail.com>:

> I was probably a bit unclear in my question, sorry.
> I believe ip_masq_ftp is only used for enabling FTP clients on the
> internal ( network to connect to an FTP server on the external
> (internet in my case) network. Please correct me if I am wrong.

You are correct - that's all it does.

> What I want, is a way for people on internet to be able to connect (both
> active and passive) to my FTP server. And my FTP server (
> is located on the internal network.

I've done it just by forwarding Port 21 to the internal machine from the 
firewall. That's all I did.

> With portforwarding, it is possible to make both active and passive
> connections. But with passive it is not possible to fetch any data. I
> believe this is becasue my firewall ( is not accepting the
> FTP servers request to open a new port. Can I make a ipchains rule to allow
> this?

Sounds like you've got a broken FTP server. Let me get this straight - you can 
connect to the server, but you can't ls or get or put any data.

I'm wondering if you're using a chroot jailed FTP server, and you don't have the 
right binaries in the chroot jail. I could be missing the target here though.


"I do not agree with what you say,
but I will defend to the death your right to say it." 
Francois Marie Arouet Voltaire (1694-1778)

Reply to: