Date: Fri, 19 Jun 1998 19:08:53 +0200 From: Eivind Eklund <eivind@yes.no> To: Carroll Kong <damascus@eden.rutgers.edu>, freebsd-stable@FreeBSD.ORG Subject: Re: NATD Problems and War-FTPD Message-ID: <19980619190853.57863@follo.net> In-Reply-To: <199806182117.OAA16211@hub.freebsd.org>; from Carroll Kong on Thu, Jun 18, 1998 at 05:18:58PM -0500 References: <Pine.LNX.3.96.980609155513.6248A-100000@kosh.cococo.net> <199806092041.NAA00690@hub.freebsd.org> <199806182117.OAA16211@hub.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, Jun 18, 1998 at 05:18:58PM -0500, Carroll Kong wrote: > Hi guys. I am using NATD with a 2.2.6 FreeBSD stable box. So far, natd > has been working great, and through the use of the "Permanent Link" > arguments and options, I was able to get onto services like "battle.net" > which used udp packets on a high port. > Now, I am experiencing some problems with connecting to the warftpd of > Microsoft systems. I am using a client end machine off of the natd box, > trying to ftp into a war-ftp daemon server which is not using the default > 21 port. They are using some insane port like 10500. I figured, a mere > "redirect_port 192.168.1.2:21 10500" should work, or "Permanent_link > 192.168.1.2:10500 0.0.0.0:10500 10500" would work (while adding an entry on > /etc/services), or "redirect_address 192.168.0.1.2 0.0.0.0" would work. > But none of them did. My Microsoft System that is behind the natd freebsd > box cannot ftp into these sites using clients such as cute ftp or bullet > ftp. > Does anyone know what could be wrong? Or what I am doing wrong? I am > pretty sure those command shoud have worked, but none have. I can login, > but when it send me the "ASCII ls -l", it fails. I heard that linux needed > an "ftp module" for their ip masquerading, but I am pretty sure that natd > can do this on it's own. > Does anyone know of a solution? Or what I am doing wrong? You're assuming you can run FTP control sessions on a different port. libalias (which NATD is built on) does not support this. If you want to change that, you can do it - source is available. The following patch will allow you to set a single extra port: Index: alias.c =================================================================== RCS file: /home/ncvs/src/lib/libalias/alias.c,v retrieving revision 1.5 diff -u -r1.5 alias.c --- alias.c 1998/04/19 21:42:04 1.5 +++ alias.c 1998/06/19 16:51:01 @@ -93,7 +93,8 @@ #include "alias_local.h" #include "alias.h" -#define FTP_CONTROL_PORT_NUMBER 21 +#define FTP_CONTROL_PORT_NUMBER_1 21 +#define FTP_CONTROL_PORT_NUMBER_2 10500 #define IRC_CONTROL_PORT_NUMBER_1 6667 #define IRC_CONTROL_PORT_NUMBER_2 6668 @@ -780,8 +781,10 @@ TcpMonitorOut(pip, link); /* Special processing for ftp connection */ - if (ntohs(tc->th_dport) == FTP_CONTROL_PORT_NUMBER - || ntohs(tc->th_sport) == FTP_CONTROL_PORT_NUMBER) + if (ntohs(tc->th_dport) == FTP_CONTROL_PORT_NUMBER_1 + || ntohs(tc->th_sport) == FTP_CONTROL_PORT_NUMBER_1 + || ntohs(tc->th_dport) == FTP_CONTROL_PORT_NUMBER_2 + || ntohs(tc->th_sport) == FTP_CONTROL_PORT_NUMBER_2) AliasHandleFtpOut(pip, link, maxpacketsize); if (ntohs(tc->th_dport) == IRC_CONTROL_PORT_NUMBER_1 || ntohs(tc->th_dport) == IRC_CONTROL_PORT_NUMBER_2) To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?19980619190853.57863>