Re: Forward ftp request another server

From: Seth Arnold (sarnold@wirex.com)
Date: 07/15/02


Date: Sun, 14 Jul 2002 19:23:20 -0700
From: Seth Arnold <sarnold@wirex.com>
To: SpaceWalker <spacewalker@altern.org>


On Sun, Jul 14, 2002 at 03:33:27PM +0200, SpaceWalker wrote:
> I'm using ipnat from ipfilter on my solaris box, with these rules :
>
> map ppp0 192.168.1.0/24 -> 0.0.0.0/32
> map ppp0 192.168.1.0/24 -> 0.0.0.0/32 proxy port ftp ftp/tcp
>
> but the ftp proxy doesn't work as expected. Only passive sessions are
> accepted, and that's quite anoying because some windows programs (like
> norton AV) doesn't let you the choice of using PASV mode. Comments
> are welcome.

SpaceWalker, when I used ipfilter on my OpenBSD machine (quite some time
ago, so things may have changed :) I discovered that the proxy port ftp
ftp/tcp line must be _before_ the general NAT line. Reverse the order of
the two lines, reload, and try again. :)

-- 
http://immunix.org/