Rick:
Wow. So *this* is the sensation of being wrong.
<g>
I stand corrected. Helluva patch, if it works.
Though...if my PASV FTP client asked to connect to port
23, I wonder what the patch would do?
Anyhow, apologies abound. Anyone seen it working?
-Scott
On Wed, 4 Apr 2001 [EMAIL PROTECTED] wrote:
> On Tue, Apr 03, 2001 at 09:56:20PM -0700, Scott C. Best scribbled:
> > Errr...
> > I believe that ip_masq_ftp is used to make *active*
> > FTP work, on the *client* side.
> > My understanding is that Active FTP is tricky on
> > client-side NAT'ing-firewalls and passive FTP is tricky on
> > server-side NAT-ing firewalls. Unfortunately, this masq
> > modules only solves for one of them, not both.
> > AFAIK, you *gotta* tweak the config files of your
> > FTP server to make it work from behind a NAT'ing firewall.
> > Its response to the PASV request must include the external
> > IP# of the firewall and a port from within the port-range
> > that the firewall is auto-forwarding from.
> >
> > Kick me if I'm way wrong on this...
>
> *punch*
>
> I know all of that; I'm talking about the patch, originally
> written by Fred Viles [IIRC], that changes the ip_masq_ftp.o
> module to correctly deal with server-side-NAT-firewall-PASV
> connections.
>
> This allows you to avoid having to do anything special with
> your FTP server, in case you're running one that you can't
> configure like that.
>
> > -Scott
>
> --
> rick -- A mind is like a parachute... it only works when it's open.
>
> ICQ# 1590117 [EMAIL PROTECTED]
> Help with LRP: http://lrp.c0wz.com Home page: http://www.c0wz.com
>
> _______________________________________________
> Leaf-devel mailing list
> [EMAIL PROTECTED]
> http://lists.sourceforge.net/lists/listinfo/leaf-devel
>
_______________________________________________
Leaf-devel mailing list
[EMAIL PROTECTED]
http://lists.sourceforge.net/lists/listinfo/leaf-devel
