From owner-freebsd-questions  Sat Mar 16 16:25:51 2002
Delivered-To: freebsd-questions@freebsd.org
Received: from mail.radzinschi.com (pcp284510pcs.owngsm01.md.comcast.net [68.54.240.17])
	by hub.freebsd.org (Postfix) with ESMTP id A80AC37B405
	for <freebsd-questions@FreeBSD.ORG>; Sat, 16 Mar 2002 16:25:43 -0800 (PST)
Received: from localhost (marco@localhost.radzinschi.com [127.0.0.1])
	by mail.radzinschi.com (8.11.6/8.11.6) with ESMTP id g2H0Pf561837;
	Sat, 16 Mar 2002 19:25:41 -0500 (EST)
	(envelope-from marco@radzinschi.com)
Date: Sat, 16 Mar 2002 19:25:41 -0500 (EST)
From: Marco Radzinschi <marco@radzinschi.com>
To: Donnie Jones <donniejones18@yahoo.com>
Cc: <freebsd-questions@FreeBSD.ORG>
Subject: CORRECTION: ftp server and freebsd gateway ( ipnat )
In-Reply-To: <20020316132946.N61193-100000@mail.radzinschi.com>
Message-ID: <20020316191834.C61753-100000@mail.radzinschi.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-questions.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-questions>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-questions>
X-Loop: FreeBSD.ORG


Hello:

	Just noticed a mistake in my original reply.  Don't know how I
made this one, since I know good and well that one must open up ports >
1024 for FTP-PROXY to work.

In active FTP mode, the server opens up a connection FROM port 20 to a
client port > 1024.  If the client is behind a firewall that blocks
incoming connections to ports > 1024, active FTP will not work.

Small mistake on my part, but one could interpret it to mean that
allowing incoming connections on port 20 on the client side will fix
active FTP.  This is not the case, as ports > 1024 need to be open on the
client firewall, and forwarded accordingly.

Marco Radzinschi

E-Mail: marco@radzinschi.com
AOL IM: CrackedBoy

On Sat, 16 Mar 2002, Marco Radzinschi wrote:

[snip!]

> The only problem I can see with your setup is that in active mode, the FTP
> servers open up a connection to port 20 on the client.  Their firewall
> may not be letting port 20 in, in which case active mode will not work for them.
>
> If the clients are behind a firewall, they will not be able to connect to
> your FTP servers unless their firewall has an FTP-PROXY to allow active
> FTP connections.

[snip!]


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message