From owner-freebsd-questions@FreeBSD.ORG  Thu Apr 17 01:31:07 2008
Return-Path: <owner-freebsd-questions@FreeBSD.ORG>
Delivered-To: freebsd-questions@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 60AC41065670
	for <freebsd-questions@freebsd.org>;
	Thu, 17 Apr 2008 01:31:07 +0000 (UTC)
	(envelope-from freebsd-questions@m.gmane.org)
Received: from ciao.gmane.org (main.gmane.org [80.91.229.2])
	by mx1.freebsd.org (Postfix) with ESMTP id 1BF6E8FC13
	for <freebsd-questions@freebsd.org>;
	Thu, 17 Apr 2008 01:31:06 +0000 (UTC)
	(envelope-from freebsd-questions@m.gmane.org)
Received: from list by ciao.gmane.org with local (Exim 4.43)
	id 1JmIxr-0007yN-LP
	for freebsd-questions@freebsd.org; Thu, 17 Apr 2008 01:31:03 +0000
Received: from mar92-9-82-237-75-54.fbx.proxad.net ([82.237.75.54])
	by main.gmane.org with esmtp (Gmexim 0.1 (Debian))
	id 1AlnuQ-0007hv-00
	for <freebsd-questions@freebsd.org>; Thu, 17 Apr 2008 01:31:03 +0000
Received: from gilles.ganault by mar92-9-82-237-75-54.fbx.proxad.net with
	local (Gmexim 0.1 (Debian)) id 1AlnuQ-0007hv-00
	for <freebsd-questions@freebsd.org>; Thu, 17 Apr 2008 01:31:03 +0000
X-Injected-Via-Gmane: http://gmane.org/
To: freebsd-questions@freebsd.org
From: Gilles <gilles.ganault@free.fr>
Date: Thu, 17 Apr 2008 03:30:51 +0200
Lines: 17
Message-ID: <hq9d04lrm3bocphdo0msfnh5pnfved0ar2@4ax.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
X-Complaints-To: usenet@ger.gmane.org
X-Gmane-NNTP-Posting-Host: mar92-9-82-237-75-54.fbx.proxad.net
X-Newsreader: Forte Agent 3.1/32.783
Sender: news <news@ger.gmane.org>
Subject: FTP server behind firewall?
X-BeenThere: freebsd-questions@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: User questions <freebsd-questions.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-questions>
List-Post: <mailto:freebsd-questions@freebsd.org>
List-Help: <mailto:freebsd-questions-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-questions>, 
	<mailto:freebsd-questions-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 17 Apr 2008 01:31:07 -0000

Hello

We have FreeBSD server on our private LAN behind a NAT firewall on
which I'd like to add an FTP server so that customers can send us
stuff.

Problem is, since customers might have a NAT firewall on their end,
the client application must connect in passive mode... but this just
moves the problem to our end, where the FTP server will open a random
port for data... to which the client will fail connecting since our
NAT firewall is keeping them out of our LAN :-/

Is there a way to keep our server in the private LAN and still provide
a way for customers to upload data? Hard-code the socket number used
by the FTP server for data? Use a different type of server?

Thank you.