On Fri, Dec 05, 2008 at 03:30:19PM -0700, Robert L. Harris wrote:
> I've read both of those and understand how the ftp works. I've
> spent the last 2 days googling.
> Unfortunately it's all working now except how to get the iptables data
> connection in passive mode working. I can log in, etc just fine but
> when I do a "ls" after issuing the "passive" command it times out.
>
> The second example looks good but doesn't handle the DNAT (the ftp
> server is running on another machine behind my firewall.

It hangs after ls? Sounds like your data traffic gets jammed somehow.
Some things to consider:

- did you open up the data port (this is control port minus 1)?
- did you open some ports for the passive connection?
- did you tell this to your server?
- does the NAT machine translate the ftp packets properly?

If you're using proftpd you may try setting the following directives in
the config:

    PassivePorts <range>
    MasqueradeAddress <wan IP NAT/firewall machine>

I had the exact same problem, and this fixed it for me.

-- 
Good day for a change of scene. Repaper the bedroom wall.