From owner-freebsd-questions Fri Nov 17 0:33:52 2000 Delivered-To: freebsd-questions@freebsd.org Received: from whale.sunbay.crimea.ua (whale.sunbay.crimea.ua [212.110.138.65]) by hub.freebsd.org (Postfix) with ESMTP id 3750137B479 for ; Fri, 17 Nov 2000 00:33:48 -0800 (PST) Received: (from ru@localhost) by whale.sunbay.crimea.ua (8.11.0/8.11.0) id eAH8XeR96990; Fri, 17 Nov 2000 10:33:40 +0200 (EET) (envelope-from ru) Date: Fri, 17 Nov 2000 10:33:40 +0200 From: Ruslan Ermilov To: Reinoud van Leeuwen Cc: freebsd-questions@FreeBSD.ORG Subject: Re: natd question (active ftp over other ports than 20-21) Message-ID: <20001117103340.C95524@sunbay.com> Mail-Followup-To: Reinoud van Leeuwen , freebsd-questions@FreeBSD.ORG References: <3a155d4a.13409750@smtp.xs4all.nl> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <3a155d4a.13409750@smtp.xs4all.nl>; from reinoud@xs4all.nl on Thu, Nov 16, 2000 at 10:21:13PM +0000 Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Thu, Nov 16, 2000 at 10:21:13PM +0000, Reinoud van Leeuwen wrote: > I have a question about natd.My (home) network setup is like this > > - FreeBSD 4.1 ISDN dialup router, doing NAT (now from ppp, but natd is > also possible) > - a few PC (windows) clients > - a FreeBSD server (file web print etc) > > I have a banking application on a windows PC (ABN Amro Homenet) that > communicates to the bank through FTP over non-standard portnumbers. > (41 (data) ,42 (command), 62 (data) ,63 (command)). The client opens a > connection to the server on port 42 and the server tries to open a > connection back on port 41. > NAT doe snot seem to recognise this, so the application cannot > cummunicate with the bank... > > People using Linux have solved this problem by using the command > insmod ip_masq_ftp ports=21,42,63 > > this tells the ftp proxy that it should use extra ports that have the > same behaviour as the standard ftp port > > I dont like the solution by making static NAT routes to only one > client, because this limits the number of PC's that can use this > application. The application does not have an option for passive ftp. > > Any ideas? > You have only one possibility -- to hack libalias(3) sources. -- Ruslan Ermilov Oracle Developer/DBA, ru@sunbay.com Sunbay Software AG, ru@FreeBSD.org FreeBSD committer, +380.652.512.251 Simferopol, Ukraine http://www.FreeBSD.org The Power To Serve http://www.oracle.com Enabling The Information Age To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message