You only allow active transfers, then. Or else you have to put the ftp server outside the main firewall, with its own firewall configured to allow passive transfers.
Brent

-----Original Message-----
On Dec 15, 2004, at 10:00 AM, Amadeus Stevenson wrote:
> I am using a "block all" firewall which then selectively allows
> certain connections out and back in from a natted lan (ie. http, smtp
> etc.).
>
> The problem arises with FTP.
>
> I read up on Active and Passive transfers from:
> http://slacksite.com/other/ftp.html
>
> I had to block ports > 1024 because of various file sharing programs
> which would use whatever ports they could to share files and suck up
> the bandwidth of the internet connection.
>
> This also blocked FTP working properly.
