Hi, Sturla Holm Hansen a écrit :
I'm having a problem with ftp from a custom system at a client that uses ftp to get som files from suppliers.The new firewall is obviously stopping it as it wasn't a problem before.I've tried ftp-connections with firefox, msie, smartftp and lftp and they all work,
I bet they all use passive mode for data connections, the mode that works rather well from behind firewalls or NAT devices.
the only place I can replicate the problem is with theftp-client in dos (or windows cmd).
And this one can use only active mode, the mode that does not work well from behind dumb firewalls or NAT devices. By the way, the command-line ftp client included in Windows is a true Windows application and would not run in real MS-DOS mode.
I've allso tried purging all rules and setting policy to accept on all chains, still the same problem...For those wondering, I just needed to "modprobe ip_nat_ftp"....
No need to wonder. :-)The fact that the problem remained even after removing all filtering rules indicated that it was related to NAT. FTP is such a complicated protocol, not only for firewalls but also for NAT devices...