hi florin, thanks for replying, i think i might not have been clear, i can enable both active and passive ftp through snf to the actual ftp box, just not both at the same time, the change to enable either is made in the config of proftpd and not on the snf which has ports 49152,49153 forwarded to the actual ftp box, the ftp box has proftpd set up to offer passive connection s on those two ports and this works fine as long as proftpd also has the ip address of snf in its config as well, however specifying the ip address of the firewall in proftpd stops active ftp from working, commenting out the relevant line in /etc/proftpd.conf allows active but breaks passive ftp, the suggested solution from the proftpd list was the following ---snip---- On your firewall, what you need to do is load the ip_masq_ftp modules with the following aguments
modprobe ip_masq_ftp in_ports=20,21,49157,49153 ----snip----- my question is that i don't know anything about 'ip_masq_ftp' my snf is all set up via the web interface, is this proposed solution applicable to snf, does snf use this 'ip_masq_ftp' whatever it is, if so where do i put this to be permanent assuming it works), i want to try this 'solution' but i don't wnat to break anything ! bascule On Friday 07 Dec 2001 2:09 pm, you wrote: > > > Unfortunately, one cannot forward the 49152 port of the firewall to the 21 > port of the real server. The forwarding used in the SNF frontend assumes > that the source and the destination ports are identical. > > This might change in the future versions ... > > cheers,
