FTP server behind firewall?

Manolis Kiagias sonicy at otenet.gr
Thu Apr 17 04:59:23 UTC 2008

Gilles wrote:
> On Wed, 16 Apr 2008 22:06:24 -0400, Jon Radel <jon at radel.com> wrote:
>> What control do you have over the firewall?  One of the cleaner
>> solutions would be to run an ftp proxy on the firewall, such as that
>> supplied with pf.  See ftp-proxy(8) or
>> http://www.openbsd.org/faq/pf/ftp.html
> Unfortunately, the router/NAT firewall can be neither replaced nor
> tweaked, since it's a modem/router provided by our ISP.
> Actually, we don't necessarily need an FTP. Whatever solution to send
> files is fine, provided I can add this feature in a VB Classic client
> application.
Running an FTP behind a home DSL router is perfectly possible. You will 
just have to open a range of ports on the router itself eg 25000-25050 
and forward them to your ftp server internal IP address. Then set the 
FTP server to only use these ports for passive transfers.

For example, I am using ftp/proftpd and have this directive in the 
configuration file:

PassivePorts 25000-25050

You will, of course, need to forward port 21 as well.

More information about the freebsd-questions mailing list