IPFILTER & active ftp client
fgleiser at cactus.fi.uba.ar
Wed Dec 3 17:52:14 PST 2003
On Wed, 3 Dec 2003, fbsd_user wrote:
> I have this rule in my Nat rules file. I can see my filter rule
> allow the FTP request to pass through, but I don't see packet return
> back on high port number for data transmission. IT looks like the
> NAT proxy is not opening hole for return data port.
> The Nat rules I am using follow
> # Provide special NAT services for Active FTP from LAN users.
> map rl0 0/0 -> 0/32 proxy port 21 ftp/tcp
is rl0 your external interface? Besides, I've had problems with this setup.
Change it to
map rl0 10.0.10.0/29 -> 0/32 proxy port 21 ftp/tcp
More information about the freebsd-questions