[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: your mail - sorry for empty subject.

On Thu, Dec 20, 2001 at 02:34:06PM +0100, Bernd Eckenfels wrote:
> On Thu, Dec 20, 2001 at 01:09:57PM +0000, Andrew Pritchard wrote:
> > Sounds like you've got a broken FTP server. Let me get this straight - you can 
> > connect to the server, but you can't ls or get or put any data.
> of course not work. Thats why ls and get hangs. The solution is, to use
> eighter an reverse proxy like frox or jftpgw (or proxy suit from suse) or to
> say by configuration, which the official ip address of the web server is
> (some ftp daemons like proftp support this).

Proftpd has the "MasqueradeAddress" directive (is this the
right directive?  is there another way?) in version 1.2.2,
but this isn't in Debian stable yet.  (Hmm... what's the
build-depends for proftpd in testing?)

> In that case you aso need to
> setup a forwarded range of ports which are pased 1:1 to the internal host.

This is trivial if you're using SNAT (right?)  Otherwise
(with Masquerading) you would use "ipmasqadm portfw ... "
for each port?

(I would like to get passive ftp working to servers in an
address-translated DMZ, but haven't yet.)

Michael J. Micek, CyberStrategies, Inc. sysadmin.	mmicek@csz.com

Reply to: