From owner-freebsd-questions@FreeBSD.ORG Tue Sep 21 08:48:34 2004 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 94E2516A4CE; Tue, 21 Sep 2004 08:48:34 +0000 (GMT) Received: from mail.dannysplace.net (allxs.xs4all.nl [194.109.223.7]) by mx1.FreeBSD.org (Postfix) with ESMTP id A521E43D31; Tue, 21 Sep 2004 08:48:31 +0000 (GMT) (envelope-from newsacct01@dannysplace.net) Received: from localhost ([192.168.1.4] helo=U003744) by mail.dannysplace.net with smtp (Exim 4.12) id 1C9gK6-000PLR-00; Tue, 21 Sep 2004 10:48:30 +0200 Message-ID: <009f01c49fb7$c4c1e710$1ad0260a@capgemini.nl> From: "Danny Carroll" To: Date: Tue, 21 Sep 2004 10:37:16 +0200 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2800.1437 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1441 cc: freebsd-questions@FreeBSD.org Subject: Problems with fetch but not ftp in a jail? X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list Reply-To: Danny Carroll List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 21 Sep 2004 08:48:34 -0000 I am having a strange problem with my home network. Here is what it looks like. Internet <-> FreeBSD Firewall/Natd box (guard) <------> Local Net (192.168.100.0/24) |------------ testsrv (192.168.100.12) |----- testjail (192.168.10.1) Testjail is a jail (192.168.10.1) running under testsrv (192.168.100.12). Subnet 192.168.10.0/24 is routed to testsrv at the firewall. The nat stuff works fine for everything else. The problem is I cannot do this from testjail (passive mode is needed for my natd setup). fetch -p -v ftp://ftp.nl.freebsd.org/pub/README.nluug As you can imagine it is making it hard to install ports. I can do it from testsrv but not from within the jail. I can do a file transfer (of the same file in passive mode) just by using the ftp client from both testsrv and testjail. It looks to me, but checking the TCPdump output that it's just not requesting the data channel. (Or the data channel is not comming back) as it is able to establish the control channel fine. Has anyone else had some problems like this with fetch in a jail? I am using 5.2.1-RELEASE-p9 and ipfw/natd to do my nat on the firewall (a 4.9 box). -D p.s. I can post tcpdump output if needed.