Hi, I have a web/ftp server into DMZ via proxy arp behind a shorewall 4.4.x firewall.
All work fine, also FTP in passive mode, but not in active mode. I have a old hardware witch put some some time data binary files via ftp on my server, sin that does not support passive mode (like ftp.exe of winxp also do) and this is my problem. On my network I have 3 Centos6.3 ftp server (2 for test only): 1) on firewall (for test only) 2) into LAN via nat (for test only) 3) into DMZ via proxyarp (real server) In shorewall I have this 3 rules: 1) FTP(ACCEPT) net fw:1.1.1.1 2) DNAT net loc:192.168.1.250 tcp ftp - 1.1.1.3 3) FTP(ACCEPT) net dmz:1.1.1.2 Only the server 2 work fine in active and passive mode, only on server 2 my old external hardware work and load the data file via PUT and list via DIR without timeout. On server 1 (test server) and 3 (real destination server) the ftp transfer data work only in passive mode (tested with ncftp.exe and FileZilla on winXP and lftp on client Linux), in active mode (ftp.exe winxp) the connection to server with account work, but the subsequent PUT and DIR commands goto timeout Someone have some suggest? Many thanks -- Dario Lesca - sip:[email protected] (Inviato dal mio Linux Fedora 17 Gnome3) ------------------------------------------------------------------------------ Master HTML5, CSS3, ASP.NET, MVC, AJAX, Knockout.js, Web API and much more. Get web development skills now with LearnDevNow - 350+ hours of step-by-step video tutorials by Microsoft MVPs and experts. SALE $99.99 this month only -- learn more at: http://p.sf.net/sfu/learnmore_122812 _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
