I have been pointed at FTPSesame by two people, and it looks pretty much ideal to me (I'm not using NAT), and philosophically a preferable solution. However, I would also like to understand why my present solution doesn't work.
I know that an IP address is required, but as I said, my bridge has one. Daniel said in a response to another questioner that this required IP addresses on both interfaces - why should this be so, when the one IP address I have is accessible from all legs of the bridge? I already use it for SSH access for control of the firewall from different places. I also note that the redirection for ftp-proxy is conventionally to 127.0.0.1, and that this might require forwarding to be enabled. Is there any reason not to use the IP address of the bridge, given that I have set inetd up to respond to 8021 on all local IPs? If I knew the answers to these questions, I could doubtless solve my original problem directly - but I don't, and have been unable to find them in the archive. Paul -- Paul Hodges IT Support Manager Dept of Clinical Pharmacology Oxford University 01865-224418
