ipfw: fetch doesn't reach ftp://fttp.sites.foo
Allan Jude
freebsd at allanjude.com
Fri Mar 7 20:33:38 UTC 2014
On 2014-03-07 13:57, O. Hartmann wrote:
>
> Recently I swaitched from pf to ipfw on some CURRENT boxes and for convenience I used the
> "workstation" predefinition of FreeBSD. But with that change, all access of ports via
> fetch located at ftp-sites stopped passing the filter.
>
> Even switching to "open" doesn't help and this is confusing me.
>
> The CURRENT box in question is passing its traffic within a LAN through a gateway running
> also FreeBSD CURRENT, but with pf. The gateway is performing NAT. As long as the failing
> client behind the gateway system is using pf as the filter, the traffic for ftp seems to
> pass through. On the gateway with pf as the default filter, the ports fetching via
> ftp-site their sources perform without problems.
>
> What is up with IPFW?
>
> Is their a solution? I tried to search google for "freebsd ipfw ftp" but I didn't find
> anything suitable targeting my problem or any problem of that kind.
>
>
> Thanks in adavance,
>
> Oliver
>
What error does fetch give? Is it having problems with DNS, connection
to the FTP site, or just making the FTP DATA connection? Have you tried
with 'passive' mode on/off?
--
Allan Jude
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 899 bytes
Desc: OpenPGP digital signature
URL: <http://lists.freebsd.org/pipermail/freebsd-current/attachments/20140307/b6194d06/attachment.sig>
More information about the freebsd-current
mailing list