Re: your mail - sorry for empty subject.
Quoting -= dara =- <daramannen@hotmail.com>:
> I was probably a bit unclear in my question, sorry.
>
> I believe ip_masq_ftp is only used for enabling FTP clients on the
> internal (192.168.1.0) network to connect to an FTP server on the external
> (internet in my case) network. Please correct me if I am wrong.
You are correct - that's all it does.
> What I want, is a way for people on internet to be able to connect (both
> active and passive) to my FTP server. And my FTP server (192.168.1.13)
> is located on the internal network.
I've done it just by forwarding Port 21 to the internal machine from the
firewall. That's all I did.
> With portforwarding, it is possible to make both active and passive
> connections. But with passive it is not possible to fetch any data. I
> believe this is becasue my firewall (192.168.1.1) is not accepting the
> FTP servers request to open a new port. Can I make a ipchains rule to allow
> this?
Sounds like you've got a broken FTP server. Let me get this straight - you can
connect to the server, but you can't ls or get or put any data.
I'm wondering if you're using a chroot jailed FTP server, and you don't have the
right binaries in the chroot jail. I could be missing the target here though.
Andrew
"I do not agree with what you say,
but I will defend to the death your right to say it."
Francois Marie Arouet Voltaire (1694-1778)
Reply to: