Date: Mon, 3 Jun 2002 16:56:19 -0300 (ART) From: Fernando Gleiser <fgleiser@cactus.fi.uba.ar> To: Darryl Hoar <darryl@osborne-ind.com> Cc: <freebsd-questions@FreeBSD.ORG> Subject: RE: IPFILTER & FTP Message-ID: <20020603165222.R78390-100000@localhost> In-Reply-To: <005501c20b34$fd329230$0701a8c0@darryl>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, 3 Jun 2002, Darryl Hoar wrote: > > Well, > I checked my ipf.rules file and my out bound and inbound have > keep state. I have tried putting: > map xl0 0/0 -> 0/32 proxy port 21 ftp/tcp > in my ipnat.rules file. When I do this, I can ftp passive into > a machine when logged into my firewall. From any other machine > on my network, no joy. > > If I replace that with: > map xl0 192.168.1.0/24 -> 0/32 proxy port ftp ftp/tcp > I can't ftp even from the firewall. I have double checked my > ipf.rules and they look right. What am I missing here? Post the following: 1. Your ipnat.rules file. 2. your ipf.rules file. 3. The output of a 'sysctl net.inet' You can also try flushing the ipf rules, to check if the ftp transfer gets blocked by some ipf rule. Load them as soon as you finish the test. Fer > > thanks for any ideas, > Darryl > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-questions" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020603165222.R78390-100000>