From owner-freebsd-stable@FreeBSD.ORG  Fri Nov 21 12:57:37 2008
Return-Path: <owner-freebsd-stable@FreeBSD.ORG>
Delivered-To: freebsd-stable@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 4F2A21065675
	for <freebsd-stable@freebsd.org>; Fri, 21 Nov 2008 12:57:37 +0000 (UTC)
	(envelope-from sclark46@earthlink.net)
Received: from elasmtp-curtail.atl.sa.earthlink.net
	(elasmtp-curtail.atl.sa.earthlink.net [209.86.89.64])
	by mx1.freebsd.org (Postfix) with ESMTP id 2280E8FC08
	for <freebsd-stable@freebsd.org>; Fri, 21 Nov 2008 12:57:36 +0000 (UTC)
	(envelope-from sclark46@earthlink.net)
DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=dk20050327; d=earthlink.net;
	b=jos9SaSzUbpm3pRAqfYIDXI0IyuidujZw6HKR+W1SY15oQGUADAOlU2HMYHlYzMv;
	h=Received:Message-ID:Date:From:Reply-To:User-Agent:MIME-Version:To:Subject:Content-Type:Content-Transfer-Encoding:X-ELNK-Trace:X-Originating-IP;
Received: from [208.118.36.229] (helo=joker.seclark.com)
	by elasmtp-curtail.atl.sa.earthlink.net with esmtpsa
	(TLSv1:AES256-SHA:256) (Exim 4.67)
	(envelope-from <sclark46@earthlink.net>) id 1L3VZo-0006XI-49
	for freebsd-stable@freebsd.org; Fri, 21 Nov 2008 07:57:36 -0500
Message-ID: <4926B03E.6020108@earthlink.net>
Date: Fri, 21 Nov 2008 07:57:34 -0500
From: Stephen Clark <sclark46@earthlink.net>
User-Agent: Thunderbird 2.0.0.16 (X11/20080723)
MIME-Version: 1.0
To: FreeBSD Stable <freebsd-stable@freebsd.org>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
X-ELNK-Trace: a437fbc6971e80f61aa676d7e74259b7b3291a7d08dfec79eb9c3682f0fd0557662bd2a5e63c8502350badd9bab72f9c350badd9bab72f9c350badd9bab72f9c
X-Originating-IP: 208.118.36.229
Subject: support for natted ftp server and passive mode
X-BeenThere: freebsd-stable@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
Reply-To: sclark46@earthlink.net
List-Id: Production branch of FreeBSD source code <freebsd-stable.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-stable>, 
	<mailto:freebsd-stable-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-stable>
List-Post: <mailto:freebsd-stable@freebsd.org>
List-Help: <mailto:freebsd-stable-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-stable>,
	<mailto:freebsd-stable-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 21 Nov 2008 12:57:37 -0000

Do any of the firewall products on FreeBSD provide support
for a natted ftp server sitting behind the FreeBSD FW.

Without having the ftp server advertise the external address
in its passive mode packet, in other words have the firewall
product look inside the packet and change the internal address
in the data portion of the packet to the external address.

Thanks,
Steve

-- 

"They that give up essential liberty to obtain temporary safety,
deserve neither liberty nor safety."  (Ben Franklin)

"The course of history shows that as a government grows, liberty
decreases."  (Thomas Jefferson)