Quoting -= dara =- <[EMAIL PROTECTED]>: > I was probably a bit unclear in my question, sorry. > > I believe ip_masq_ftp is only used for enabling FTP clients on the > internal (192.168.1.0) network to connect to an FTP server on the external > (internet in my case) network. Please correct me if I am wrong.
You are correct - that's all it does. > What I want, is a way for people on internet to be able to connect (both > active and passive) to my FTP server. And my FTP server (192.168.1.13) > is located on the internal network. I've done it just by forwarding Port 21 to the internal machine from the firewall. That's all I did. > With portforwarding, it is possible to make both active and passive > connections. But with passive it is not possible to fetch any data. I > believe this is becasue my firewall (192.168.1.1) is not accepting the > FTP servers request to open a new port. Can I make a ipchains rule to allow > this? Sounds like you've got a broken FTP server. Let me get this straight - you can connect to the server, but you can't ls or get or put any data. I'm wondering if you're using a chroot jailed FTP server, and you don't have the right binaries in the chroot jail. I could be missing the target here though. Andrew "I do not agree with what you say, but I will defend to the death your right to say it." Francois Marie Arouet Voltaire (1694-1778)
