> I am running a linux box as a basic packet filtering and masquerading
> firewall, using ipchains, to connect to a cable service.
> Can anyone enlighten me on the possibility of running an FTP server inside
> the local net (192.168.0.0) and making it directly accessible to the
> outside world, on a non standard port for FTP.  I would like to do this
> straight through without adding another NIC.
> 
> Is this possible?

Yes, it is possible. You can either use the ipmasqadm program, loading a
module called portfw. Run ipmasqadm portfw to get more information about
this. However, this doesn't really work well; other people behind firewalls
might get stuck as soon as the data connection should be established.
portfwd is another program that forwards ports, with special support for
FTP forwarding... take a look at http://nucleo.freeservers.com/portfwd/.
Check freshmeat for other port forwarders.

> What are the likely security concerns?

Nothing more than that you have provided intruders with a way to get inside
your firewall, but one must let some traffic in...

> How would you implement this?

I myself am using ipmasqadm even though it isn't a good option; guess
I'm too lazy to find any other program doing the same thing only better.

> I would also like any information on accessing FTPs on non standard ports
> outside of an IPCHAINS MASQ firewall.
> ip_masq_ftp.o module only seems to work properly on 21

modprobe ip_masq_ftp ports=[whatever ports you'd like]
I think that it works, at least it does with the ip_masq_irc module... :)

> Cheers,
> [EMAIL PROTECTED]
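
The data-connection problem mentioned in the reply, as an added example that is not part of the original post: when only the control port is forwarded, the inside server's passive-mode (227) reply still advertises its 192.168.x.x address, so an FTP-aware forwarder has to rewrite it. The function names, the server address 192.168.0.5, the public address 203.0.113.10 and the port map are constructed for illustration.

```python
import ipaddress
import re

# RFC 959 passive reply: "227 ... (h1,h2,h3,h4,p1,p2)", data port = p1*256 + p2
PASV_RE = re.compile(r"^227 .*?\((\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3})\)")

# Private ranges that an outside client can never route to.
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]


def parse_pasv(line):
    """Return (IPv4Address, port) from a 227 reply, or None if it is not one."""
    m = PASV_RE.match(line.strip())
    if not m:
        return None
    nums = [int(g) for g in m.groups()]
    if any(n > 255 for n in nums):
        return None  # malformed octet; leave the line alone
    host = ipaddress.IPv4Address(".".join(str(n) for n in nums[:4]))
    return host, nums[4] * 256 + nums[5]


def rewrite_pasv(line, public_ip, port_map):
    """Rewrite a 227 reply that leaks an internal address.

    port_map maps the server's internal data port to the port forwarded on
    the firewall. Lines that are not 227 replies, or that already carry a
    routable address, are returned unchanged. The rewritten reply is
    returned without a line terminator.
    """
    parsed = parse_pasv(line)
    if parsed is None:
        return line
    host, port = parsed
    if not any(host in net for net in RFC1918):
        return line
    if port not in port_map:
        # No forward exists for this data port: the client would hang here.
        raise LookupError("data port %d is not forwarded" % port)
    ext = port_map[port]
    octets = str(ipaddress.IPv4Address(public_ip)).replace(".", ",")
    return "227 Entering Passive Mode (%s,%d,%d)" % (octets, ext // 256, ext % 256)


if __name__ == "__main__":
    # Constructed sample reply from the inside server.
    sample = "227 Entering Passive Mode (192,168,0,5,195,80)\r\n"
    print(rewrite_pasv(sample, "203.0.113.10", {50000: 50000}))
```

Restricting the server's passive port range keeps the set of forwarded data ports, and therefore the exposure through the firewall, small and explicit.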
