On Tue, 4 Dec 2001, Maxim Heijndijk wrote: > I have a dachstein-rc2 firewall PPTP-ADSL setup. I cannot get port forwarding to >work.
> My interfaces are: eth0 (10.0.0.100) which is connected to an ADSL > modem at 10.0.0.138. Okay... as long as the ip addresses used by pptp are public you are okay... > The external if ah, internal? > is eth1 at 192.168.1.1 ,with a > built in hub which connects to the internal network 192.168.1.2, > 192.168.1.3, 192.168.1.4. The pptp connection creates a ppp0 interface > at a semi-dynamic IP adress (when I switch off the modem, the > ip-adress could be changed. I hardly ever switch off the modem.) The > FTP server is at 192.168.1.4. I can connect to it locally, but when I > try to connect to it via the ppp0 interface the connection is started > but it hangs forever. You need to read ftp://ftp.echogent.com/docs/FTP_and_Firewalls.pdf. This is NOT an easy thing to do ... particularly when the ip changes around. It often involves coordinated configuration of the ftp server and the firewall to get a constrained set of ports forwarded to your internal server. > When I switch on SNMP_BLOCK=YES the connection > is refused. Hm. SNMP should have nothing at all to do with it. > The ip_masq_ftp and ip_masq_portfw are loaded at boot > together with all interfaces, but the ppp0 interface is started later > on. The good news is that I think the Dachstein kernel's version of ip_masq_ftp has support for the "in_ports" option, which I believe assists in setting up passive servers (try "in_ports=21"). I haven't tried it yet myself. --------------------------------------------------------------------------- Jeff Newmiller The ..... ..... Go Live... DCN:<[EMAIL PROTECTED]> Basics: ##.#. ##.#. Live Go... Live: OO#.. Dead: OO#.. Playing Research Engineer (Solar/Batteries O.O#. #.O#. with /Software/Embedded Controllers) .OO#. .OO#. rocks...2k --------------------------------------------------------------------------- _______________________________________________ Leaf-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user
