Subject: Re: IPMasq question
From: SFaulken (sfalken@citlink.net)
Date: Sat Jan 19 2002 - 17:22:27 MST
> > I need to get FTP working on the Slack and Mk boxes, I have the incoming
> > connections setup for port forwarding in the firewall, at ports 21 and
> > 2121 respectively, but I can't quite figure out how to route the ftp-data
> > connections to make ftp work, do I just need to port forward port 20 in
> > the firewall to each box on different ports? or do I need to setup some
> > sort of static routing in the routing tables of these two machines?
> If your firewall is doing masquerading, you shouldn't need any
> port-forwarding. Your firewall could be blocking FTP data connections,
> since by default the FTP server connects to the client, and not visa versa.
> If passive mode connections don't work either, it is possible that you are
> filtering outgoing packets on ports the ftp client wants to use. A simple
> test would be to temporarily drop the firewall, but keep the NAT, and see
> if FTP works. If it does, the problem is in your firewall ruleset. You
> probably want to enter runlevel 1 for all Unix machines to avoid the risk
> of system compromise.
>
Problem here is , that I'm using a hardware firewall/NAT/Router, and I'm not
blocking ANYTHING at the moment, I just checked, all outgoing traffic is
allowed, on any port any of my machines might want.
--Shawn
This archive was generated by hypermail 2a24 : Sat Jan 19 2002 - 17:24:44 MST