Re: Passive mode with wu-ftpd
On Sat, Oct 19, 2002 at 11:44:29PM -0700, nate wrote:
> Bob Nielsen said:
> > I am already using static NAT, am not familiar with 1:1 static NAT. I
> > looked through some documentation and this looks like it requires a 2.4
> > kernel (I am running 2.2.21 with ipchains currently). I guess it's time
> > I finally bit the bullet and figured out netfilter/iptables in any case.
> >
>
> or put the machine outside the firewall. I see your using oz.net (same
> isp as me!) they'll give you more ips if you ask for them..
One is included with my DSL account. I believe the next step they
offer is several (4 or 8?) for an extra charge. Since this is for
personal/hobby use, I don't want to spend any more than I already am
(being retired and experiencing the effects of the stock market is
painful enough).
>
> just incase, to clarify what I mean by static NAT it maps everything
> from 1 real ip to 1 NAT'd IP. I haven't used 2.4.x either so I am not
> famillar with what docs you may be reading. I've read up on it for ipf
> though. It works quite well. The setup on cisco is pretty simple you
> just tell it map this ip to this ip, no need to specify ports or anything.
I see. That sounds straightforward, but I'm sure that I can eventually
get port forwarding to work with passive ftp and one external IP.
Since active ftp works fine, I'll probably leave things as-is for now
and experiment a bit with 2.4 and IP tables on a spare machine,
probably using fiaif or one of the gibraltar firewall options.
Bob
Reply to: