My understanding of the ftp proxy is that you only need it on systems running NAT. If you're running a bridging firewall, then I'm assuming that all the machines behind it have public IP addresses?
Cheers, Mattias Lindgren ======================================================================== ==== "I'm Mattias Lindgren, and I've approved the contents of this message" -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Paul Hodges Sent: Monday, August 23, 2004 3:30 PM To: [EMAIL PROTECTED] Subject: Re: ftp-proxy on a bridging firewall I have been pointed at FTPSesame by two people, and it looks pretty much ideal to me (I'm not using NAT), and philosophically a preferable solution. However, I would also like to understand why my present solution doesn't work. I know that an IP address is required, but as I said, my bridge has one. Daniel said in a response to another questioner that this required IP addresses on both interfaces - why should this be so, when the one IP address I have is accessible from all legs of the bridge? I already use it for SSH access for control of the firewall from different places. I also note that the redirection for ftp-proxy is conventionally to 127.0.0.1, and that this might require forwarding to be enabled. Is there any reason not to use the IP address of the bridge, given that I have set inetd up to respond to 8021 on all local IPs? If I knew the answers to these questions, I could doubtless solve my original problem directly - but I don't, and have been unable to find them in the archive. Paul -- Paul Hodges IT Support Manager Dept of Clinical Pharmacology Oxford University 01865-224418
