Proftp behind firewall

To: debian-user@lists.debian.org
Subject: Proftp behind firewall
From: Michael Olds <MikeOlds@pacbell.net>
Date: Mon, 02 Dec 2002 12:14:13 -0800
Message-id: <[🔎] NGBBLDIFELPCGLIINMHCOEJPCGAA.MikeOlds@pacbell.net>

Greetings once again,

I have requested help on this issue before, but the problem was never
resolved, so here goes one more try (a little different this time; I have
given up trying to set up anonymous ftp):

I need to get plain-ol' ftp working.

I am using Proftp. My setup is:
Intel 850 P4 1.9G; 1GbRAM; Win2000;
Intel 845 P4 1.6G; 768MbRAM; Debian Linux (3.0 Woody);
Connected to a static DSL IP through a US Robotics Broadband Router.

I have given up on Anonymous ftp; I just need to provide a couple of users
secure access to websites I want to host for them.

Currently I am using sftp (SSH2) to access my own websites from the Windows
box behind the router. When I try to use the Internet I cannot make the
connection (various error messages...tell me what setup you want me to try
and I will post the error message).

I have read the documentation and nothing quite deals with my situation
which surely cannot be unique. And I have read each of the following:
Slow logins:
  http://www.proftpd.org/docs/faq/faq_full.html#AEN414
Networking/firewall/NAT issue:
http://www.castaglia.org/proftpd/doc/contrib/ProFTPD-mini-HOWTO-NAT.txt
http://slacksite.com/other/ftp.html (See <a name="extract_1"
href="#extract_1ex">extract</a> below)
Debugging:http://www.castaglia.org/proftpd/doc/contrib/ProFTPD-mini-HOWTO-De
bugging.html

I need to know:
What ports should be opened through the router's firewall? I have tried 21
20 and those plus the range 60000-65000.

What should my proftpd.conf look like:

I have tried variations on the folowing in the proftpd.conf:

# UseReverseDNS         off
# IdentLookups          off
#
# MasqueradeAddress      both ftp.mydomain.net and http://www~ and
00.000.00.00 the static IP Address used to connect to the Internet
# PassivePorts          60000 65535
# AllowForeignAddress     on
#

Neither ftp nor nogroup are in /etc/ftpusers

What I have not changed is anything to do with configuring the NAT as I am
not sure that is what I need to do (or what I need to do to change it)...so
I need to know if it is what I need to do.

I have reconfigured this endless times over the last couple of months and I
am tuckered! Anyone can guide me through this or point me in the right
direction, I would appreciate it much.

Reply to:

Follow-Ups:
- Re: Proftp behind firewall
  - From: Rob Weir <rweir@softhome.net>

Prev by Date: Re: where to download KDE
Next by Date: Re: apt error, Dynamic MMap ran out of room
Previous by thread: Enterasys CSIBD-AA wireless pcmcia card.... where to get drivers...
Next by thread: Re: Proftp behind firewall
Index(es):
- Date
- Thread