Re: ftping through a router
Subject: Re: ftping through a router
Date: Mon, Jun 28, 1999 at 09:09:05AM -0500
In reply to:Robert Rati
Quoting Robert Rati(ratirh@cs.purdue.edu):
> That's exactly the case, ans setting the ftp client to passive mode
> worked. I use ipchains to set the firewall rules thusly:
>
> Default input chain is ACCEPT
> Default forward chain is DENY with two entries to MASQ for ppp0 and eth0
> Default output chain is ACCEPT
>
> I don't see how these rules prevent the active mode of ftp. What do the
> rules need to allow for active ftp to work? Also, where is this
> ip_masq_ftp module you are referring to? Is it a kernel module?
> If so, I
> don't have it, but I compiled everything into the kernel that I thought
> I'd need.
>I didn't use modules at all. Know any way to check to see if
> that functionality is there? Thanks for all your help.
>
> Rob
>
less /usr/src/linux/Documentation/Configure.help
/ ip_masq_ftp.o
IP: masquerading
CONFIG_IP_MASQUERADE
[ snip ]
If you say Y here, then the modules ip_masq_ftp.o (for ftp file
transfers), ip_masq_irc.o (for irc chats), ip_masq_quake.o (you
guessed it), ip_masq_vdolive.o (for VDOLive video connections),
ip_masq_cuseeme.o (for CU-SeeMe broadcasts) and ip_masq_raudio.o
(for RealAudio downloads) will automatically be compiled. They are
needed to make masquerading for these protocols work. Modules are
pieces of code which can be inserted in and removed from the running
kernel whenever you want; read Documentation/modules.txt for
details.
--
Real Programmers don't write in PL/I. PL/I is for programmers who
can't decide whether to write in COBOL or FORTRAN.
_______________________________________________________
Wayne T. Topa <wtopa@mindspring.com>
Reply to: