/* HINT: Search archives @ http://www.indyramp.com/masq/ before posting! /* ALSO: Don't quote this header. It makes you look lame :-) */ Search still down so no luck checking there first. This one's for a friend, so I won't even claim to know what I'm asking about. I did test the same thing on my setup to verify it though. I also tried something similar years ago on a 2.0.36. Although I can't guarantee that failed for the same reasons, I can say I failed then too though. Concept is like this. FTP server runs on Windows box on LAN (port 5000, for instance). Trying to portfw port 5000 on the masq box to port 5000 on the windows box. IP of the windows box = 192.168.0.100 Doesn't work. PASV hangs on <227 Entering Passive Mode (192,168,0,100,8,211)> PORT hangs on <150 Opening ASCII mode data connection for /bin/ls.> PORT I'd expect to not work. PASV however I thought was supposed to pretty much work as long as you got the initial connects, no more ports needed. I've browsed the net a bit (including an RFC outlining the PASV mode), and it still seems to me at least PASV should work. As usual, I'm in the wrong. Here's the kicker. If I host it on port 21 and run the forward from 21 on the linux to port 21 on the windows box, PASV still doesn't work. However, reguar PORT mode does. To me that would seem to indicate the NAT on the client-side has a ip_masq_ftp module functionality enabling PORT to work (or isn't behind NAT). Fine, not a problem. Makes perfect sense. Except for the fact that PASV doesn't work. Correct me if I'm wrong, but I thought the masq module was created to enable PORT to work so people weren't limited to PASV. I've had limited possibilities to test, but I've had people both behind NAT and straight on the net attempt to connect. Same results for all. My initial guess would be a masq module working for *inbound forwarded* ftp access (just to have tried, I attempted to load ip_masq_ftp 21,5000 too. Does it support multiple ports like that?). My second guess would be such a thing doesn't exist. Anyways, ideas appreciated. Or at least some explanation as to what kills this (heck I've portforwarded pretty much everything else possible, only problem I've ever had has been ftp server on the lan). -- Frode _______________________________________________ Masq maillist - [EMAIL PROTECTED] Admin requests can be handled at http://www.indyramp.com/masq-list/ -- THIS INCLUDES UNSUBSCRIBING! or email to [EMAIL PROTECTED] PLEASE read the HOWTO and search the archives before posting. You can start your search at http://www.indyramp.com/masq/ Please keep general linux/unix/pc/internet questions off the list.
