From owner-freebsd-ipfw@FreeBSD.ORG Tue Jul 19 09:56:39 2011 Return-Path: Delivered-To: freebsd-ipfw@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id C6B981065677 for ; Tue, 19 Jul 2011 09:56:39 +0000 (UTC) (envelope-from david@pcnetwork.co.za) Received: from webserv.cybersmart.co.za (ns05.pcnetwork.co.za [196.41.124.223]) by mx1.freebsd.org (Postfix) with ESMTP id 2E9A88FC16 for ; Tue, 19 Jul 2011 09:56:36 +0000 (UTC) Received: from [41.177.245.140] (port=11431 helo=pcnetwork.pcnetwork.local) by webserv.cybersmart.co.za with esmtpsa (TLSv1:AES128-SHA:128) (Exim 4.76 (FreeBSD)) (envelope-from ) id 1Qj72V-000Ik0-6Q for freebsd-ipfw@freebsd.org; Tue, 19 Jul 2011 11:56:32 +0200 Received: from pcnetwork.pcnetwork.local ([fe80::586f:4435:ed17:d4f9]) by pcnetwork.pcnetwork.local ([fe80::586f:4435:ed17:d4f9%13]) with mapi; Tue, 19 Jul 2011 11:56:17 +0200 From: David van Rensburg - PC Network To: "freebsd-ipfw@freebsd.org" Thread-Topic: ipfw nat and ftp Thread-Index: AcxF+e4QywubYtWATjSGxxN2aaEJgA== Date: Tue, 19 Jul 2011 09:56:16 +0000 Message-ID: Accept-Language: en-ZA, en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: MIME-Version: 1.0 X-AntiAbuse: This header was added to track abuse, please include it with any abuse report X-AntiAbuse: Primary Hostname - webserv.cybersmart.co.za X-AntiAbuse: Original Domain - freebsd.org X-AntiAbuse: Originator/Caller UID/GID - [26 6] / [26 6] X-AntiAbuse: Sender Address Domain - pcnetwork.co.za Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable X-Content-Filtered-By: Mailman/MimeDel 2.1.5 Subject: ipfw nat and ftp X-BeenThere: freebsd-ipfw@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: IPFW Technical Discussions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 19 Jul 2011 09:56:39 -0000 Hi Guys, IS there anyway to get ftp to work properly with ipfw and nat without openi= ng all high ports ? In linux I used to use a module that handled it for me. Now im getting a deny log as: Jul 19 11:49:54 bsd kernel: ipfw: 450 Deny TCP 192.168.1.99:51446 196.43.2.= 109:34049 out via rl0 Any help would be appreciated. David van Rensburg PC Network Tel: 0215107600 Fax: 0215104165 www.pcnetwork.co.za This electronic communication and the attached file(s) are subject to terms= and conditions which can be accessed on the following link: http://www.pcnetwork.co.za/terms as well as the acceptable usage policy whi= ch can be accessed on: http://www.pcnetwork.co.za/aup If you are unable to view the above, please contact support@pcnetwork.co.za= for a copy.