From owner-freebsd-questions Thu Jan 25 8:59:44 2001 Delivered-To: freebsd-questions@freebsd.org Received: from ozlerplastik.com (unknown [212.253.41.4]) by hub.freebsd.org (Postfix) with ESMTP id 82B2B37B400 for ; Thu, 25 Jan 2001 08:59:19 -0800 (PST) Received: (from root@localhost) by ozlerplastik.com (8.11.1/8.9.3) id f0PGxGj25034 for freebsd-questions@FreeBSD.ORG.AVP; Thu, 25 Jan 2001 18:59:16 +0200 (EET) Received: from ozlerplastik.com (ertan [192.168.0.20]) by ozlerplastik.com (8.11.1/8.9.3) with ESMTP id f0PGxG025028; Thu, 25 Jan 2001 18:59:16 +0200 (EET) Message-ID: <3A705A51.9117A527@ozlerplastik.com> Date: Thu, 25 Jan 2001 18:54:41 +0200 From: Ertan Kucukoglu Organization: =?iso-8859-9?Q?=D6zler?= Plastik San. ve Tic. A.S. X-Mailer: Mozilla 4.75 [en] (Win98; U) X-Accept-Language: tr,en MIME-Version: 1.0 To: freebsd-questions@FreeBSD.ORG Cc: Lowell Gilbert Subject: Re: Firewall and ftp References: <3A702FC5.48771E4@ozlerplastik.com> <44wvbjsjby.fsf@lowellg.ne.mediaone.net> Content-Type: text/plain; charset=iso-8859-9 Content-Transfer-Encoding: 7bit Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Lowell Gilbert wrote: > > ertank@ozlerplastik.com (Ertan Kucukoglu) writes: > > > I want to use ftp client and ftp server behind a firewall. > > > > I tried to open ports 20 and 21 but, couldn't manage to use it. People can > > connect, give their passwords, but when they try to ls or get some file or > > something that my machine should send data to them it hangs there. > > > > Which ports should be opened for proper ftp usage? > > > > I'm using ipfw, system is FreeBSD 4.2-STABLE. Internet NIC is called fxp1 on > > my machine. Also there is fxp0 for my LAN. ftp server is FreeBSD ftp server. > > If both the server and client are behind separate firewalls, you won't > be able to use FTP between them unless the firewall has special code > to snoop on FTP control traffic and open ports for the data > connections dynamically. I don't believe that ipfw or ipf do this. > An ftp proxy may help, but you would need to open holes for *that* > instead. No, only the server is behind firewall. > > Note that the FreeBSD ftp client will by default use ports in the > range 49152-65535. You could open up that whole range, and FTP would > work, but, well, you'd've opened up a very big hole in your firewall. I have very little information about ipfw. But, there should be a better way? > > If only the client is behind a firewall, then FTP should work fine if > you use passive mode. If only the server is behind a firewall, then > only active mode will work. > > Good luck. > Thank you to all. -- Ertan Kucukoglu ertank@ozlerplastik.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message