Michael McClure wrote:
>
> I'm running Eigerstein on 1.6MB floppy with the VPNMasq Kernal.
>
> I've decided to run a simple FTP server inside my firewall. I have to
> have this working by tomorrow mid-day -- giving a little presentation
> and have to have an FTP site to download off of. Everybody's problems
> related to FTP seemed to be re: Passive, so I figured that Active was
> easy to configure...guess sometimes not.
The problem is that FTP requires TWO connections. Active FTP (the
original) consists of two connections thus:
1. Control connection to port 21 on the server from your host (port
over 1024).
2. Data connection FROM the server port 20 to *YOUR MACHINE* (port
over 1024).
It is this last connection that causes all the problems. If you are
inside the firewall and the FTP server is outside, then allowing
active FTP is a BIG security risk. However, that's not the case....
Passive FTP changes the data connection to permit users behind the
firewall to connect to an outside FTP server.
You should go to http://leaf.sourceforge.net/ or http://lrp.c0wz.com/
and look for the documentation on FTP. You may also want to look at
the documentation for the ip_masqadm_ftp proxy ....
I wonder if you wouldn't benefit from ProxyARP.... look at those docs
too.
Another idea - bug Charles :-)
_______________________________________________
Leaf-user mailing list
[EMAIL PROTECTED]
http://lists.sourceforge.net/lists/listinfo/leaf-user
