Re: ftping through a router

To: Michael Talbot-Wilson <mtw@birdseye.view.net.au>
Cc: Steve George <steve@blah.dircon.co.uk>, debian-user@lists.debian.org
Subject: Re: ftping through a router
From: Robert Rati <ratirh@cs.purdue.edu>
Date: Mon, 28 Jun 1999 09:09:05 -0500 (EST)
Message-id: <[🔎] Pine.GSO.4.10.9906280904550.2421-100000@lore.cs.purdue.edu>
In-reply-to: <[🔎] 199906280450.OAA03755@chameleon.view.net.au>

That's exactly the case, ans setting the ftp client to passive mode
worked.  I use ipchains to set the firewall rules thusly:

Default input chain is ACCEPT
Default forward chain is DENY with two entries to MASQ for ppp0 and eth0
Default output chain is ACCEPT

I don't see how these rules prevent the active mode of ftp.  What do the
rules need to allow for active ftp to work?  Also, where is this
ip_masq_ftp module you are referring to?  Is it a kernel module?  If so, I
don't have it, but I compiled everything into the kernel that I thought
I'd need.  I didn't use modules at all.  Know any way to check to see if
that functionality is there?  Thanks for all your help.

								Rob

On Mon, 28 Jun 1999, Michael Talbot-Wilson wrote:

> 
> > 
> > I guess that you used ipfwadm/ipchains to set your box as a router.  What's probably happening is that you have blocked the incoming connection from the ftp server.  To solve this you can either change your ip rules or try and use the passive (pasv) form of ftp where the server tells the client the port to connect to and the client then does the connection: note that some windows FTP clients can't do this commonly the dos box ones can't.
> > 
> > On Sun, Jun 27, 1999 at 12:00:40AM -0500, Robert Rati wrote:
> > > I setup a router for a home network, and everything seems to work fine but
> > > one thing.  I can't use ftp.  I can connection to sites outside my network
> > > via ftp, but I can't do the ls command.  Usually, when you do a lsc,
> > > you get something back like:
> > > 
> > > 200 Port Command
> > > 
> > > or something like that, but instead, I get:
> > > 
> > > 500 Illegal PORT Command
> 
> If you are masquerading, make sure you have the module ip_masq_ftp.
> 
> 

=======================================================================
ratirh@lore.cs.purdue.edu : Role-Player, Babylon 5 fanatic      1998-99
Aka Khyron the Backstabber : ICQ# 2325055
Homepage: www.cs.purdue.edu/homes/ratirh 

"Happiness comes in short spurts.  Don't be fooled."
=======================================================================

Reply to:

Follow-Ups:
- Re: ftping through a router
  - From: Steve George <steve@blah.dircon.co.uk>
- Re: ftping through a router
  - From: Wayne Topa <wtopa@mindspring.com>

References:
- Re: ftping through a router
  - From: Michael Talbot-Wilson <mtw@birdseye.view.net.au>

Prev by Date: Re: Getting Mpeg Trackname?
Next by Date: debian for ISP use
Previous by thread: Re: ftping through a router
Next by thread: Re: ftping through a router
Index(es):
- Date
- Thread