On Oct 3, 2005, at 5:26 PM, Scott Ullrich wrote:
If you are selectively blocking ports (as opposed to allowing all out from lan) make sure you have a rule allowing traffic from the lan to 127.0.0.1 (where the FTP helper listens).
Does this mean that I need to allow inbound FTP to 127.0.0.1 for my 1:1 nat'd box to be able to ftp? So it can talk to the ftp helper?
My problem is this: my "server", which is inside the firewall, is 1:1 nat'd to a public IP. Every other system inside can ftp out just fine using normal nat. However, this one box can no longer use FreeBSD's "fetch" utility to ftp sites, making it incredibly hard to use ports :-) Passive or not, it just fails to fetch the data.
It worked with our old firewall.
