FTP Client and IPFilter

crzdgns1 at starpower.net crzdgns1 at starpower.net
Fri Feb 18 04:49:14 PST 2005 

Hello,

This ia a slightly longer post and I am not sure if it belongs
here or in freebsd-questions.  If it belongs in
freebsd-questions, please let me know and I will post it
there.  Now then...

I think I am beginning to accept the fact that I can't read,
so I'll just state that condition from the beginning.  I have
installed FreeBSD-5.3-RELEASE and use IPFilter as my firewall.
     
I have only one machine, with a cable modem connection to the
internet.  I have been following the directions in the
Handbook, or so I thought, until yesterday.  Yesterday I
posted a message here titled something like "Which FTP do I
have?" and received many helpful replies. Thank you!  My FTP
client still doesn't work and the reason it doesn't work is, I
believe, I didn't follow the directions, which I discovered
upon further reading of the handbook last night.  

My questions for today are mostly for clarification of what is
written in the handbook, starting at section 24.5.18, Enabling
IPNAT.  I do not currently have IPNAT enabled.  Given that I
am a homeuser with only one machine, must I have IPNAT enabled
for FTP to work properly?  The ipf.rules in the handbook seem
to indicate so, but I would appreciate confirmation.
  
Secondly, the first rule in section 24.5.18 enables the
computer as a gateway.  I was under the impression that it is
wisest not to use this rule unless you genuinely intend to use
the machine in question as a gateway.  Am I correct?  If so,
can I leave the first rule out and just include the second and
third rules and still expect the IPNAT FTP proxy to function?

Thirdly, I am trying to follow the directions, believe it or
not.  Assume for the moment that I use all three rules listed
 in 24.5.18 of the handbook.  Since I have only one computer,
can I then skip directly to section 24.5.21.1, IPNAT Rules,   
add the three rules there, and then have a reasonable
expectation that FTP will work properly from behind my
firewall?  Again, I am using the ipf.rules listed in the handbook.

Thanks,

Mark

More information about the freebsd-newbies mailing list