Re: FTP server behind router/gateway
On Thursday 14 September 2006 17:40, [EMAIL PROTECTED] wrote: I have a FreeBSD 6.1 box running behind a router/gateway. When it tries to go into passive mode, it returns it's internal 192.168. ip address to the client which the client stupidly uses to try to connect to. I've confirmed this by tyring to FTP from several external systems (windows linux). Is there anyway to get the FreeBSD box to return the external address without making it act as the router/gateway? In addition to what Andreas said: The problem is not the router/gateway in front of the ftp. The problem is the internal address the ftp server has and the nat that the router has to do. FreeBSD knows nothing about the external address... I think you'll have better results getting a second IP address for your ftp server and just route packets. Or you could search for an ftp server with this feature and/or a router with a big bag of tricks(similar to ftp-proxy FreeBSD has) I would go for a second IP address if that was a choice Nikos ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
FTP server behind router/gateway
I have a FreeBSD 6.1 box running behind a router/gateway. When it tries to go into passive mode, it returns it's internal 192.168. ip address to the client which the client stupidly uses to try to connect to. I've confirmed this by tyring to FTP from several external systems (windows linux). Is there anyway to get the FreeBSD box to return the external address without making it act as the router/gateway? Thanks, Marty ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: FTP server behind router/gateway
That is more a matter for your router. Your router should be wrapping the internal address with a public one. Be sure you are forwarding all the ports needed for ftp. -Derek At 09:40 AM 9/14/2006, [EMAIL PROTECTED] wrote: I have a FreeBSD 6.1 box running behind a router/gateway. When it tries to go into passive mode, it returns it's internal 192.168. ip address to the client which the client stupidly uses to try to connect to. I've confirmed this by tyring to FTP from several external systems (windows linux). Is there anyway to get the FreeBSD box to return the external address without making it act as the router/gateway? Thanks, Marty ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. MailScanner thanks transtec Computers for their support. -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. MailScanner thanks transtec Computers for their support. ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: FTP server behind router/gateway
On Thu, 14 Sep 2006 16:40:18 +0200, [EMAIL PROTECTED] wrote: I have a FreeBSD 6.1 box running behind a router/gateway. When it tries to go into passive mode, it returns it's internal 192.168. ip address to the client which the client stupidly uses to try to connect to. I've confirmed this by tyring to FTP from several external systems (windows linux). Is there anyway to get the FreeBSD box to return the external address without making it act as the router/gateway? Thanks, Marty Maybe this site will help a bit: http://slacksite.com/other/ftp.html Andreas ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Free BSD Router/Gateway
Hiya, I'm new to Free BSD, but getting to like it. I have a project in mind, using a test setup to start but hopefully resulting in something I can use in a production environment. Currently my internal network has a couple of W2k servers which are getting long in the tooth like me, and keep falling over. In addition, the way my network in total is setup is rather wasteful of external IP addresses and has firewalls on all machines in addition to the main firewall/gateway to my internal network. This leads me to consider a router/gateway/firewall with DHCP and DNS connected to my ADSL link and routing via NAT and port forwarding etc to my internal network and DMZ and acting as a router/ firewall for the external IPs. This leads me to my first question, what modem should I use, is there a USB or PCI modem that works well with Free BSD? Thinking about the Firwall / Routing issue leads to more questions: What would the best way of doing this be, bearing in mind that it would need to be remotely administered, preferably by a web page? Is there a Howtoo or similar that would help? Thats probably enough for now. Thanks for your time. Rob ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Free BSD Router/Gateway
Robert Slade wrote: This leads me to my first question, what modem should I use, is there a USB or PCI modem that works well with Free BSD? Is there a reason you wouldn't just connect the 'modem' to the FreeBSD box via ethernet? The DSL comes into the modem, the ethernet goes out to the FreeBSD box. You would need a second NIC in the box for this. If you want to confirm compatible hardware, check out the hardware notes associated with the release you're using: http://www.freebsd.org/releases/index.html Thinking about the Firwall / Routing issue leads to more questions: What would the best way of doing this be, bearing in mind that it would need to be remotely administered, preferably by a web page? The minimal requirements would be: 1. NAT (network address translation) The FreeBSD handbook has some good material on configuring NAT and port forwarding. 2. Firewall Application (ipfw, ipf, ipfilter) 3. DHCP (dhcpd) 4. DNS (BIND, djbdns) These apps are either built in or easily available via the ports tree. If you're going to have multiple IPs coming in the DSL and routed to the hosts behind it, you'll want to look at aliasing the interface to accept traffic for all of them ('man ifconfig'). As for the remote administration, if you *really* want web based, webmin is popular (http://www.webmin.com/)but then again, so is ssh. If you can live with the command line, you won't have to install a webserver at all. Is there a Howtoo or similar that would help? Many. Google is your friend. http://www.google.com/search?hl=enq=freebsd+howto+firewallbtnG=Google+Search http://www.google.com/search?hl=enlr=safe=offq=freebsd+howto+NATbtnG=Search http://www.google.com/search?hl=enlr=safe=offq=freebsd+howto+DNSbtnG=Search etc ... Good luck. --Tim Erlin ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
RE: IPF/IPNat router/gateway
Sorry for the confusion; the Windows machine(s) were connected to the BSD box through a smaller hub I had lying around. The IPs are all static and have been manually entered. ...the ISP swears up and down that they don't rely on DHCP, so I'm still somewhat at a loss. thanks again. From: JJB [EMAIL PROTECTED] Reply-To: [EMAIL PROTECTED] To: Michael Zimmer [EMAIL PROTECTED],[EMAIL PROTECTED] Subject: RE: IPF/IPNat router/gateway Date: Sun, 23 May 2004 22:16:17 -0400 Problem can be in how you are cabled or how you assign private lan IP address to xp box behind FBSD. An single xp box cabled to your FBSD needs to be cabled using an crossover cable. An normal configuration is cabling FBSD box directly to public internet cable or dsl modem and then have all the xp systems cabled to hub and the hub cabled to FBSD box. Xp uses DHCP to automatically get an network ip address assigned and the reference DNS server ip address to use. On an private lan you have 2 ways of doing this. The manual way is to enter the network assigned ip address and dns servers ip address into xp. The other way is to install an DHCP server software on your FBSD gateway box so xp can get the info it needs automatically. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Michael Zimmer Sent: Sunday, May 23, 2004 8:08 PM To: [EMAIL PROTECTED] Subject: IPF/IPNat router/gateway Hello. I apologize for asking a question which has been asked several dozen times before, but none of the prior-offered solutions seem to work. I'm trying to use a freeBSD box (v 5.1) as a gateway/router for my network. I've got a static IP range for the network, but can't get things running. (...the local machines are all running Windows XP Pro) The local machines can connect to my ISP when they're plugged in to the uplink, whether individually or through a hub, and the freeBSD box can as well. ...however, a machine plugged into the BSD box is unable to ping the BSD box and vice versa. IPF is set to pass in/out quick all from any to any IPNat has the following rules set: map rl0 192.168.1.0/24 - x.x.x.254/32 portmap tcp/udp 1:4 map rl0 192.168.1.0/24 - x.x.x.254/32 IP of the BSD box is x.x.x.254, mask 255.255.255.224 on the external NIC IP of the BSD box is 192.168.1.1, mask 255.255.255.224 on the internal NIC the lone machine connected to it at the moment is set on IP 192.168.1.2, mask 255.255.255.224, gateway 192.168.1.1 ...and rc.conf has gateway_enable, ipfilter_enable and ipnat_enable all set to YES thanks. _ [1]Stop worrying about overloading your inbox - get MSN Hotmail Extra Storage! References 1. http://g.msn.com/8HMAENUS/2737??PS=47575 ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] _ [1]FREE pop-up blocking with the new MSN Toolbar get it now! References 1. http://g.msn.com/8HMBENUS/2728??PS=47575 ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
IPF/IPNat router/gateway
Hello. I apologize for asking a question which has been asked several dozen times before, but none of the prior-offered solutions seem to work. I'm trying to use a freeBSD box (v 5.1) as a gateway/router for my network. I've got a static IP range for the network, but can't get things running. (...the local machines are all running Windows XP Pro) The local machines can connect to my ISP when they're plugged in to the uplink, whether individually or through a hub, and the freeBSD box can as well. ...however, a machine plugged into the BSD box is unable to ping the BSD box and vice versa. IPF is set to pass in/out quick all from any to any IPNat has the following rules set: map rl0 192.168.1.0/24 - x.x.x.254/32 portmap tcp/udp 1:4 map rl0 192.168.1.0/24 - x.x.x.254/32 IP of the BSD box is x.x.x.254, mask 255.255.255.224 on the external NIC IP of the BSD box is 192.168.1.1, mask 255.255.255.224 on the internal NIC the lone machine connected to it at the moment is set on IP 192.168.1.2, mask 255.255.255.224, gateway 192.168.1.1 ...and rc.conf has gateway_enable, ipfilter_enable and ipnat_enable all set to YES thanks. _ [1]Stop worrying about overloading your inbox - get MSN Hotmail Extra Storage! References 1. http://g.msn.com/8HMAENUS/2737??PS=47575 ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
RE: IPF/IPNat router/gateway
-Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Michael Zimmer Sent: Sunday, May 23, 2004 7:08 PM To: [EMAIL PROTECTED] Subject: IPF/IPNat router/gateway Hello. I apologize for asking a question which has been asked several dozen times before, but none of the prior-offered solutions seem to work. I'm trying to use a freeBSD box (v 5.1) as a gateway/router for my network. I've got a static IP range for the network, but can't get things running. (...the local machines are all running Windows XP Pro) The local machines can connect to my ISP when they're plugged in to the uplink, whether individually or through a hub, and the freeBSD box can as well. ...however, a machine plugged into the BSD box is unable to ping the BSD box and vice versa. IPF is set to pass in/out quick all from any to any IPNat has the following rules set: map rl0 192.168.1.0/24 - x.x.x.254/32 portmap tcp/udp 1:4 map rl0 192.168.1.0/24 - x.x.x.254/32 IP of the BSD box is x.x.x.254, mask 255.255.255.224 on the external NIC IP of the BSD box is 192.168.1.1, mask 255.255.255.224 on the internal NIC the lone machine connected to it at the moment is set on IP 192.168.1.2, mask 255.255.255.224, gateway 192.168.1.1 ...and rc.conf has gateway_enable, ipfilter_enable and ipnat_enable all set to YES thanks. _ Hello, I used this great howto to get my ipfilter gateway going: http://bsdguides.org/guides/freebsd/networking/ipfilter.php however, a machine plugged into the BSD box is unable to ping the BSD box and vice versa. When you connect a XP to the Freebsd you still using Hub right? Or crossover cable? Andras Kende http://www.kende.com ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
RE: IPF/IPNat router/gateway
Problem can be in how you are cabled or how you assign private lan IP address to xp box behind FBSD. An single xp box cabled to your FBSD needs to be cabled using an crossover cable. An normal configuration is cabling FBSD box directly to public internet cable or dsl modem and then have all the xp systems cabled to hub and the hub cabled to FBSD box. Xp uses DHCP to automatically get an network ip address assigned and the reference DNS server ip address to use. On an private lan you have 2 ways of doing this. The manual way is to enter the network assigned ip address and dns servers ip address into xp. The other way is to install an DHCP server software on your FBSD gateway box so xp can get the info it needs automatically. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Michael Zimmer Sent: Sunday, May 23, 2004 8:08 PM To: [EMAIL PROTECTED] Subject: IPF/IPNat router/gateway Hello. I apologize for asking a question which has been asked several dozen times before, but none of the prior-offered solutions seem to work. I'm trying to use a freeBSD box (v 5.1) as a gateway/router for my network. I've got a static IP range for the network, but can't get things running. (...the local machines are all running Windows XP Pro) The local machines can connect to my ISP when they're plugged in to the uplink, whether individually or through a hub, and the freeBSD box can as well. ...however, a machine plugged into the BSD box is unable to ping the BSD box and vice versa. IPF is set to pass in/out quick all from any to any IPNat has the following rules set: map rl0 192.168.1.0/24 - x.x.x.254/32 portmap tcp/udp 1:4 map rl0 192.168.1.0/24 - x.x.x.254/32 IP of the BSD box is x.x.x.254, mask 255.255.255.224 on the external NIC IP of the BSD box is 192.168.1.1, mask 255.255.255.224 on the internal NIC the lone machine connected to it at the moment is set on IP 192.168.1.2, mask 255.255.255.224, gateway 192.168.1.1 ...and rc.conf has gateway_enable, ipfilter_enable and ipnat_enable all set to YES thanks. _ [1]Stop worrying about overloading your inbox - get MSN Hotmail Extra Storage! References 1. http://g.msn.com/8HMAENUS/2737??PS=47575 ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Router/Gateway
Hi, This is what I usually do. Here ISPIP is the IP your ISP gave you. COMPILE FIREWALL WITH cd /usr/src/sys/i386/conf cp GENERIC GATEWAY vi GATEWAY ident GATEWAY #ADDED BY SSR STARTS #TO ENABLE FIREWALL options IPFIREWALL options IPFIREWALL_VERBOSE options IPFIREWALL_VERBOSE_LIMIT=0 #ID FIELDS IN IP ADDRESS TO BE RANDOM INSTEAD OF INCREMENTAL options RANDOM_IP_ID #NATTING options IPDIVERT #FOR BANDWIDTH THROTTLING options DUMMYNET #ADDED BY SSR ENDS config -r GATEWAY cd ../../compile/GATEWAY make depend make make install reboot Edit /etc/sysctl.conf net.inet.ip.forwarding=1 net.inet.ip.check_interface=1 net.inet.tcp.blackhole=2 net.inet.udp.blackhole=1 net.inet.tcp.log_in_vain=2 net.inet.udp.log_in_vain=1 Edit /etc/ipnat.conf map vr0 10.0.0.1/24 - ISPIP/32 portmap tcp/udp 1:6 map vr0 10.0.0.1/24 - ISPIP/32 Edit /etc/rc.conf gateway_enable=YES ifconfig_rl0=inet ISPIP netmask 255.255.255.0 ifconfig_vr0=inet 10.0.0.1 netmask 255.255.255.0 firewall_enable=YES # Set to YES to enable firewall functionality firewall_script=/etc/rc.firewall # Which script to run to set up the firewall firewall_type=open # Firewall type (see /etc/rc.firewall) firewall_flags= # Flags passed to ipfw when type is a file natd_program=/sbin/natd # path to natd, if you want a different one. natd_enable=YES # Enable natd (if firewall_enable == YES). natd_interface=rl0 # Public interface or IPaddress to use. Edit /etc/ipf.rules pass in all pass out all R E B O O T Regards SSR From: horio shoichi [EMAIL PROTECTED] To: Extech [EMAIL PROTECTED] CC: [EMAIL PROTECTED] Subject: Re: Router/Gateway Date: Sat, 13 Dec 2003 14:31:48 +0900 On Thu, 11 Dec 2003 13:45:56 +0200 Extech [EMAIL PROTECTED] wrote: Hello I have looked through the archives and I have read the manual (Advance Networking) but could not find specific to address my question. I want to set up a FreeBSD 5.x box as a router/gateway on a permanent connection with a fixed IP address, there will also be other machines with fixed IP addresses (not 192.168.x.x but proper IP's) on this network. something like this: To internet exchange on T1 Leased Line | | | dc0 (196.x.x.1) - FreeBSD router/ gateway - | lr0 | | | - switch/hub - | | | | 196.x.x.2 | | 196.x.x.3 Server 1 Server 2 Obviously I have to have two network cards in the router/gateway (dc0 and lr0), I assume that I will configure dc0 with my fixed IP, but what do I do with lr0? Can somebody please point me in the right direction. Thanks extech ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] A popular solution is the route/gateway not have ip addresses that belong to allocated global ips, and use bridge configuration. If bridging is inadequate in your case, the thing pretty much depends on the cloud one hop away from dc0 interface. Describe it (modem/router, configuable/not, etc). horio shoichi ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] _ Dont miss out on jobs that are not advertised. http://go.msnserver.com/IN/38902.asp Post your CV on naukri.com today. ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Router/Gateway
On Thu, Dec 11, 2003 at 01:45:56PM +0200, Extech [EMAIL PROTECTED] wrote a message of 52 lines which said: there will also be other machines with fixed IP addresses (not 192.168.x.x but proper IP's) on this network. RFC 1918 addresses like 192.168.0.0/16 *are* proper (from the point of view of the IP stack), they are just not public and hence not globally unique and not globally routable. I assume that I will configure dc0 with my fixed IP, but what do I do with lr0? Configure it with one of the addresses of the other network (the one which has proper addresses. Assume it is (just an example) 10.1.2.128/25, then you could use 10.1.2.129 (I myself use the convention that the default router of a network is always the first IP address of that network). On Ethernet, you must use one different IP address per interface (on point to point lines, some routers allow you to have unnumbered interfaces, not sure that it is true for FreeBSD). Be sure that your provider routes the above prefix (10.1.2.128/25) to you, otherwise your machines (except the router) will be able to send but not to receive. You can check that from http://www.traceroute.org/. ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: Router/Gateway
On Thu, 11 Dec 2003 13:45:56 +0200 Extech [EMAIL PROTECTED] wrote: Hello I have looked through the archives and I have read the manual (Advance Networking) but could not find specific to address my question. I want to set up a FreeBSD 5.x box as a router/gateway on a permanent connection with a fixed IP address, there will also be other machines with fixed IP addresses (not 192.168.x.x but proper IP's) on this network. something like this: To internet exchange on T1 Leased Line | | | dc0 (196.x.x.1) - FreeBSD router/ gateway - | lr0 | | | - switch/hub - | | | | 196.x.x.2 | | 196.x.x.3 Server 1Server 2 Obviously I have to have two network cards in the router/gateway (dc0 and lr0), I assume that I will configure dc0 with my fixed IP, but what do I do with lr0? Can somebody please point me in the right direction. Thanks extech ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] A popular solution is the route/gateway not have ip addresses that belong to allocated global ips, and use bridge configuration. If bridging is inadequate in your case, the thing pretty much depends on the cloud one hop away from dc0 interface. Describe it (modem/router, configuable/not, etc). horio shoichi ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Router/Gateway
Hello I have looked through the archives and I have read the manual (Advance Networking) but could not find specific to address my question. I want to set up a FreeBSD 5.x box as a router/gateway on a permanent connection with a fixed IP address, there will also be other machines with fixed IP addresses (not 192.168.x.x but proper IP's) on this network. something like this: To internet exchange on T1 Leased Line | | | dc0 (196.x.x.1) - FreeBSD router/ gateway - | lr0 | | | - switch/hub - | | | | 196.x.x.2 | | 196.x.x.3 Server 1Server 2 Obviously I have to have two network cards in the router/gateway (dc0 and lr0), I assume that I will configure dc0 with my fixed IP, but what do I do with lr0? Can somebody please point me in the right direction. Thanks extech ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]