Date: Thu, 29 Aug 2002 09:53:08 -0500 From: David Kelly <dkelly@hiwaay.net> To: Daniel Bye <dan@slightlystrange.org> Cc: freebsd-questions@FreeBSD.ORG Subject: Re: Passive FTP not working on FreeBSD 4.6.2 (Ports) Message-ID: <20020829145308.GB91125@grumpy.dyndns.org> In-Reply-To: <20020829135130.GF17153@catflap.home.slightlystrange.org> References: <200208290845.AA87425230@mail.aplusdata.com> <006201c24f5e$823a63a0$b50d030a@PATRICK> <20020829135130.GF17153@catflap.home.slightlystrange.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, Aug 29, 2002 at 02:51:30PM +0100, Daniel Bye wrote:
>
> You need to set ${FTP_PASSIVE_MODE} in your shell's environment. Set it
> to anything other than "NO". You can either do this from your shell
> dotfiles, or you can modify the setenv directive in /etc/login.conf, so
> the change is available to all users who log in.
The default is PASSIVE in /etc/login.conf.
The inverse of PASSIVE is not ACTIVE but NONPASSIVE. Passive mode was a
hack added to ftp in order to get thru unintelligent (passive)
firewalls and make things easy for NAT. For normal non-passive ftp the
firewall has to open a path from the ftp server to the internal client.
And for NAT it also has to map to the internal IP address. FreeBSD's
natd with the punch_fw option does this.
If passive doesn't work then try non-passive. My firewall is ipfw with
natd, natd has the punch_fw option enabled to permit ftp. I don't allow
any and all outgoing connections, so passive ftp does not work here.
Non-passive does. I don't know why, once ftp was working the issue of
passive ftp became unimportant.
I haven't figured out how to non-passive ftp with IE 5. IIRC found a
switch in IE 6 to control it. On the Macintosh IE is smarter and is able
to get thru with non-passive altho the status said for about 30 seconds
"opening passive connection" before things suddenly start working. My
IPFW log clearly shows it is a non-passive connection.
But back to your problem. I suspect a block of internal ports is open to
outside port 20, and FreeBSD is not using a port in that range but NcFTP
is, as does your Windows machines.
--
David Kelly N4HHE, dkelly@hiwaay.net
=====================================================================
The human mind ordinarily operates at only ten percent of its
capacity -- the rest is overhead for the operating system.
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020829145308.GB91125>