Problems with fetch but not ftp in a jail?

Danny Carroll newsacct01 at
Tue Sep 21 01:48:34 PDT 2004

I am having a strange problem with my home network.
Here is what it looks like.

Internet <-> FreeBSD Firewall/Natd box (guard) <------> Local Net

|------------ testsrv (

|----- testjail (

Testjail is a jail ( running under testsrv (
Subnet is routed to testsrv at the firewall.

The nat stuff works fine for everything else.

The problem is I cannot do this from testjail (passive mode is needed for my
natd setup).

   fetch -p -v

As you can imagine it is making it hard to install ports.
I can do it from testsrv but not from within the jail.

I can do a file transfer (of the same file in passive mode) just by using
the ftp client from both testsrv and testjail.
It looks to me, but checking the TCPdump output that it's just not
requesting the data channel.  (Or the data channel is not comming back) as
it is able to establish the control channel fine.

Has anyone else had some problems like this with fetch in a jail?

I am using 5.2.1-RELEASE-p9 and ipfw/natd to do my nat on the firewall (a
4.9 box).

p.s. I can post tcpdump output if needed.

More information about the freebsd-questions mailing list