Date: Tue, 25 May 1999 16:35:33 -0500 From: =?iso-8859-1?Q?Alejandro_Ram=EDrez?= <ales@megared.net.mx> To: "Ed Keith" <edk@kew.com> Cc: "freebsd-questions" <freebsd-questions@FreeBSD.ORG> Subject: RE: which ftp proxy? Message-ID: <009801bea6f6$85912480$f9a3f9cf@megared.net.mx> References: <37488BDD.DDB88F1D@kew.com> <01f701bea602$067c2fe0$f9a3f9cf@megared.net.mx> <374A270C.E7FF8E42@kew.com> <014801bea6bf$fb8033c0$f9a3f9cf@megared.net.mx> <374AF773.68CC17E3@kew.com>
next in thread | previous in thread | raw e-mail | index | archive | help
Hi, You should try to enable natd, it will do what you want, and its better than having a proxy server, anyway in one case or another, you will be routing packets fron one interface to another, you can´t avoid that, enabling natd its very simple, just set these lines in the /etc/rc.conf file: gateway_enable="YES" # Set to YES if this host will be a gateway. natd_enable="YES" # Enable natd (if firewall_enable == YES). natd_interface="fxp0" # Public interface to use with natd (it´s your outside interface). natd_flags="" # Additional flags for natd (see "man natd"). Ales ----- Original Message ----- From: Ed Keith <edk@kew.com> To: Alejandro Ramírez <ales@megared.net.mx> Cc: freebsd-questions <freebsd-questions@FreeBSD.ORG> Sent: Tuesday, May 25, 1999 2:18 PM Subject: Re: which ftp proxy? > No packets get through the firewall. The firewall system is dual homed. No > packets are routed between the two addresses. (The internal network is > 192.168.19.x, so it would be very bad if packets were routed.) > If I want to ftp out I need to log onto the firewall machine and ftp from there > then ftp again (using an ftp server on the firewall that only connects to the > inside network) from the firewall to my desktop. > > -EdK > > Alejandro Ramírez wrote: > > > Hi, > > > > If you are behind a firewall, and the ports: > > > > ftp-data 20/tcp #File Transfer [Default Data] > > ftp-data 20/udp #File Transfer [Default Data] > > ftp 21/tcp #File Transfer [Control] > > ftp 21/udp #File Transfer [Control] > > > > aren´t specifically blocked out by your system administrator (that i don´t > > think they are), you must use the "passive" mode in ftp transfers, the > > "passive" mode must be used always that you are behind a firewall, this is a > > rule to have a good ftp session, if your system administrator did > > specifically blocked out this ports, you may ask him to unblock them out (in > > /etc/rc.firewall), since this is simpler than to install a proxy server. And > > if you want to have more security in your network, and you have already > > configured ipfw, then you may try to enable "natd" (network address > > translation), it will let you have private ip addresses in your network and > > go outside with a public address for all of your machines (instead of > > installing a proxy server) but you still will have to use the "passive" mode > > in ftp transfers. > > > > Ales > > > > ----- Original Message ----- > > From: Ed Keith <edk@kew.com> > > To: Alejandro Ramírez <ales@megared.net.mx> > > Cc: freebsd-questions <freebsd-questions@FreeBSD.ORG> > > Sent: Monday, May 24, 1999 11:29 PM > > Subject: Re: which ftp proxy? > > > > > I don't think that will help since all packets are blocked by the > > firewall. > > > I think I need to use a proxy server. But I don't know which one would be > > > best for my needs. (very small network, light volume, newbe site admin., > > > paranoid domain administrator who may want me to justify why I picked the > > one > > > decide to use.) > > > > > > -EdK > > > > > > > > > Alejandro Ramírez wrote: > > > > > > > Hi, > > > > > > > > Try the "passive" option in the ftp program. > > > > > > > > Ales > > > > > > > > ----- Original Message ----- > > > > From: Ed Keith <edk@kew.com> > > > > To: freebsd-questions <freebsd-questions@FreeBSD.ORG> > > > > Sent: Sunday, May 23, 1999 6:14 PM > > > > Subject: which ftp proxy? > > > > > > > > > I'm running FreeBSD 2.28 and ipfw. I want to install an ftp proxy so I > > > > > can connect to ftp sites from behind the firewall. What is > > recommended? > > > > > > > > > > Thanks in advance, > > > > > -EdK > > > > > > > > > > > > > > > > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > > > > > with "unsubscribe freebsd-questions" in the body of the message > > > > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > > > > with "unsubscribe freebsd-questions" in the body of the message > > > > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-questions" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?009801bea6f6$85912480$f9a3f9cf>