User LAFFER1 <[EMAIL PROTECTED]> wrote:
> Does it work with ipfw disabled? If so, then it seems resonable that ipfw
> is causing the problem. One of the ftp modes (pasv or port) requires high
> level ports to be accessible on the server. I just started drinking
> coffee this moring, so i can't remember which one yet. :)
Drink faster man! ;)
Do these tests:
1) FTP active mode with firewall enabled
2) FTP active mode with firewall at allow all
3) FTP passive mode with firewall enabled
If 2 & 3 succeed and 1 doesn't ... then it's your firewall. Other
combinations indicate other problems which may be more complex.
FTP active mode requires that the server can make a connection _back_ to
the client. This fails over NAT boundries and many different firewall
configs. Passive mode causes the client to make a _second_ connection to
the server on a high, random port. This traverses NAT pretty well, but
requires proper rules in the server's packet filter to allow the connections
to succeed. I believe the man page on ftpd has more detail. The "random,
high" ports that can be used is configurable. I believe these two sysctls
> If i remember right, the default ftpd is influenced by hosts.allow and
> hosts.deny too.
> On Thu, 1 Jul 2004 [EMAIL PROTECTED] wrote:
> > I am running FreeBSD 4.9 RELEASE running the standard ftpd. I can act as an
> > ftp client from the console OK, however when I try to ftp from a client PC
> > to the server running ftpd (which is running ipfw) the ftp server receives
> > the packet sent to port 21 and replies however it will not initiate a DATA
> > connection back to the client from port 20. I had my client configured to
> > use ACTIVE FTP. I have also tried PASSIVE without any difference. I do not
> > have a firewall on the client and can successfully FTP to another FreeBSD
> > box.
> > None of the rules on my firewall that deny packets coming back from the ftp
> > servers ipfw firewall are being hit. Does anyone have any ideas?
> > Regards, J.S
> > _______________________________________________
> > [EMAIL PROTECTED] mailing list
> > http://lists.freebsd.org/mailman/listinfo/freebsd-questions
> > To unsubscribe, send any mail to "[EMAIL PROTECTED]"
> [EMAIL PROTECTED] mailing list
> To unsubscribe, send any mail to "[EMAIL PROTECTED]"
[EMAIL PROTECTED] mailing list
To unsubscribe, send any mail to "[EMAIL PROTECTED]"