Date: Fri, 18 Oct 2002 07:14:51 -0700 From: chip.wiegand@simrad.com To: Artem Okounev <aokounev@yahoo.com> Cc: freebsd-questions@FreeBSD.ORG Subject: Re: natd not allowing incoming ftp connections, but web is okay Message-ID: <OF7F63C9D5.D9A44E2C-ON88256C56.004D8977-88256C56.004E9E11@simrad.no> In-Reply-To: <7282201860.20021018132447@yahoo.com>
next in thread | previous in thread | raw e-mail | index | archive | help
owner-freebsd-questions@FreeBSD.ORG wrote on 10/18/2002 03:24:47 AM: <snip> > That is because of the nature of the FTP protocol. FTP uses > two separate TCP connections: one for commands (port 21) and > another one for data (port 20). What's going on when client > tries to establish the FTP session? I tried from my office using wsftp, twice, once in active mode and once in passive mode, both result in the following error: ! Can't get "ftp://66.114.152.128/" host entry ! Connection failed ftp://66.114.152.128/ <snip> > So if client uses active mode ftp you should not mention > port 20 in "redirect port" directive (data channel will be > aliased according to "alias address" directive): > redirect_port tcp 192.168.1.14:21 21 > If client uses passive mode FTP then you probably should use > two directives: > redirect_port tcp 192.168.1.14:21 21 > redirect_port tcp 192.168.1.14:49152-65535 49152-65535 Is it okay to have all 3 of the above redirect lines? I changed my natd.conf line for ftp to the first line above, and also added the other two lines. Is that a problem? <snip> > Is /var/log/alias.log exists and has correct permissions? It did exist, has two lines, but no error lines, so then I set the permissions to 755, it still didn't get written to, then I changed it to 777, still not getting written to. > You may also try to log events via syslog using > "log_facility" directive. Would that fill the syslog full of natd/firewall messages? Sometimes there are tons of messages. -- Chip > - -- > Best regards, > Artem mailto:aokounev@yahoo.com > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.2.0 (MingW32) > iD8DBQE9r+F6bOuJ0KL1C+MRAsAhAJ9uV3if84mDkq6DLy6mHDTLO1+V5ACdHf5/ > zIYu6XId3WVQPDqBdERC0FA= > =+gLt > -----END PGP SIGNATURE----- > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-questions" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?OF7F63C9D5.D9A44E2C-ON88256C56.004D8977-88256C56.004E9E11>