Date: Thu, 11 Oct 2001 12:50:59 -0700 (PDT) From: Jerry Murdock <jerry_murdock@yahoo.com> To: Attila Nagy <bra@fsn.hu> Cc: freebsd-security@freebsd.org Subject: Re: Jail vs Active FTP Message-ID: <20011011195059.81764.qmail@web14606.mail.yahoo.com> In-Reply-To: <20011011210142.G32220-100000@scribble.fsn.hu>
next in thread | previous in thread | raw e-mail | index | archive | help
--- Attila Nagy <bra@fsn.hu> wrote: > Hello, > > > When initiating an FTP transfer use "ftp" inside the jail, I get an > > "500 Invalid Port Command" error. Should I be able to initiate and > > active FTP session from inside a jail? > I often run jails with 127/8 IPs or private (non-routable intranet) > addressess. > The easiest solution is to put IPF into the kernel and use its built-in > FTP proxy. > Thanks for the tip. I already had "MAP map tun0 0.0.0.0/0 -> 0/32 proxy port ftp ftp/tcp" in the IPNAT rules, which I thought would be enough. I went back and added an explicit "MAP map tun0 jail.ad.dr.ess/32 -> 0/32 proxy port ftp ftp/tcp" which fixed it up. I should have thought of it myself. Jerry __________________________________________________ Do You Yahoo!? Make a great connection at Yahoo! Personals. http://personals.yahoo.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20011011195059.81764.qmail>