/* HINT: Search archives @ http://www.indyramp.com/masq/ before posting! /* ALSO: Don't quote this header. It makes you look lame :-) */
Well, I found out what the problem was. I did a client tcpdump on a specific passive port that I configured on the ftp server. The tcpdump showed that when the ftp client tried to reply with a passive ftp request, it was pointing to the internal IP address, instead of the firewall IP. I was able to get the pasv working (through some dirty hacks and portfw'ing). But does anyone know why the firewall was NOT masqing the address? -Rob > on 1/8/2002 7:25 AM, Robert Dege at [EMAIL PROTECTED] wrote: > > > I agree with your assessment. Actually, active mode does use a standard > > port (20). However, discussion on ftp semantics doesn't help me to fix > > my passive mode connection problems. > > > > Rob does not know how to tame the ftp beast :( Is there anything that > > you or anyone can suggest that might help? I'm all ears. > > > > Can you also CC me? For some reason, I am not receiving the list > > emails, but am only able to get the digests at the end of the day. > > Port 20 is standard -- in the opposite direction (server -> client). Since > most clients using PASV are behind some kind of NAT themselves, the server's > connection to port 20 on the client is usually ignored. > > What you need to do is have some kind of proxy on the server that will > accept incoming requests on port 21, and recognize that requests coming from > the same IP address to another port go to the server. That would permit > PASV clients to work. Clients who use active mode will continue to work > correctly. > > -- > Glenn L. Austin <>< > <[EMAIL PROTECTED]> > Phone: (360) 281-5436 > -- -Rob _______________________________________________ Masq maillist - [EMAIL PROTECTED] Admin requests can be handled at http://www.indyramp.com/masq-list/ -- THIS INCLUDES UNSUBSCRIBING! or email to [EMAIL PROTECTED] PLEASE read the HOWTO and search the archives before posting. You can start your search at http://www.indyramp.com/masq/ Please keep general linux/unix/pc/internet questions off the list.
