Clark:
Heya. You're running headlong into the difference
between how NAT'ing firewalls act in regards to active and
passive mode FTP. I wroteup a PDF which spares few details
about it:
ftp://ftp.echogent.com/docs/FTP_and_Firewalls.pdf
The end of that document describes how to configure
your firewall and FTP server to allow both modes to work.
It's especially tricky for passive-mode servers behind
a NAT'ing firewall, which sounds like what you're working
with. Unfortunately, passive-mode is the default mode of
web browsers. Depending on what specific FTP server you're
running, it should be a solvable problem, though.
Good luck, keep us posted!
-Scott
> I have recently set up an EigerStein firewall at home,
> and nearly have everything working just the way I want
> it. Nearly.
>
> The EigerStein machine is set up to forward FTP
> packets to a computer behind my home firewall. This
> works fine when I access the machine from a computer
> that is esentially sitting on the internet. I still
> have a shell account from the university I graduated
> from 4 years ago, and while telneted there, I can FTP
> to my machine behind the firewall just fine. However,
> from my computer at work, when I try to FTP, I can
> login, but trying to get a directory listing just sits
> there and eventually times out. From the work computer
> I can ftp to the aforementioned university account
> just fine, and before I installed the firewall, I
> could FTP home just fine.
>
> My only guess is that, due to the screwed up firewall
> at work, when the FTP client sends its PORT command
> before doing trying to get the file list, the IP
> address it sends isn't the same as the address it
> thinks I logged in from. I am basing this guess on the
> fact that IP address that is logged when I ssh into
> the machine is completely different than the IP
> address sent along with the PORT command.
>
> Any ideas?
>
> Clark
_______________________________________________
Leaf-user mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
