From owner-freebsd-questions  Wed Mar  7  5:55:18 2001
Delivered-To: freebsd-questions@freebsd.org
Received: from mx3out.umbc.edu (mx3out.umbc.edu [130.85.253.53])
	by hub.freebsd.org (Postfix) with ESMTP id E488937B719
	for <freebsd-questions@freebsd.org>; Wed,  7 Mar 2001 05:55:15 -0800 (PST)
	(envelope-from gmiddl1@gl.umbc.edu)
Received: from linux3.gl.umbc.edu (IDENT:gmiddl1@linux3.gl.umbc.edu [130.85.60.39])
	by mx3out.umbc.edu (8.9.3/8.9.3) with ESMTP id IAA11985;
	Wed, 7 Mar 2001 08:54:56 -0500 (EST)
Date: Wed, 7 Mar 2001 08:54:56 -0500 (EST)
From: "G. Jason Middleton" <gmiddl1@gl.umbc.edu>
To: Barry Irwin <bvi@devco.net>
Cc: <freebsd-questions@freebsd.org>
Subject: Re: forwarding ftp requests using natd
In-Reply-To: <20010307092714.F79442@devco.net>
Message-ID: <Pine.LNX.4.31L.02.0103070854410.29901-100000@linux3.gl.umbc.edu>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

thanks for the help!

G. Jason Middleton


On Wed, 7 Mar 2001, Barry Irwin wrote:

> On Wed 2001-03-07 (01:07), G. Jason Middleton wrote:
> >
> > here is how my network is set up
> >
> > running natd of course
> >
> > internet ip is on de0  65....
> > internal ip is on dc0 192.168.0.1
> >
> > the ftp server is 192.168.0.200
> >
> > how do i forward outside requests to the ftp server?
> >
> > I have tried natd -redirect_port tcp 10.0.0.2:23 23 -interface pe0
> > using my own ip address of course but i go the following error
> >
> > natd: Unable to bind divert socket.: Address already in use
>
> Have you got another natd already listening/running ?
> Remember you need to use ipfw rules to pass packets to natd (man ipfw)
> Also the port you need is port 21 (ftp-command) rather than 23 (telnet). Be
> aware tho that there are some problems with running an ftp server behind a
> natd, in that if the client is also behind a nat box/firewall, they will not
> be able to connect due to the issues involved in active/passive opens.
>
> The best solution I have found is to run a ftp gateway on the firewall box.
> This allows for full active/passive connections, with the minimum of fuss.
> have a look at jftpgw http://www.mcknight.de/jftpgw/
>
> Barry
>

G. Jason Middleton


_______________________________________________________________________________






Announcement:

The revolution will not be televised.




To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message