Re: your mail - sorry for empty subject.
Andrew Pritchard (andrew@teppic.co.uk) wrote:
> > What I want, is a way for people on internet to be able to connect (both
> > active and passive) to my FTP server. And my FTP server (192.168.1.13)
> > is located on the internal network.
>
> I've done it just by forwarding Port 21 to the internal machine from the
> firewall. That's all I did.
Do you have any filtering rules on the
masq-router? If you block port 20 of the
ftp-server, it will brake aktive and if you block
>1024 it will brake passive ftp.
> > With portforwarding, it is possible to make both active and passive
> > connections. But with passive it is not possible to fetch any data. I
> > believe this is becasue my firewall (192.168.1.1) is not accepting the
> > FTP servers request to open a new port. Can I make a ipchains rule to allow
> > this?
>
> I'm wondering if you're using a chroot jailed FTP server, and you don't have the
> right binaries in the chroot jail. I could be missing the target here though.
Since he can do ls with active ftp, that cannot be
the problem here.
-Rolf
Reply to: