Re: FTP Client and IPFilter

From: Kevin Kinsey (kdk_at_daleco.biz)
Date: 02/20/05

  • Next message: Kevin Kinsey: "Re: Commands "Delete / Shred"" 
    Date: Sat, 19 Feb 2005 20:58:03 -0600
To: crzdgns1@starpower.net

    crzdgns1@starpower.net wrote:

    >Hello,
    >
    >This ia a slightly longer post and I am not sure if it belongs
    >here or in freebsd-questions. If it belongs in
    >freebsd-questions, please let me know and I will post it
    >there. Now then...
    >
    >

    Ths list charter is at:

         http://lists.freebsd.org/mailman/listinfo/freebsd-newbies

    >I think I am beginning to accept the fact that I can't read,
    >so I'll just state that condition from the beginning. I have
    >installed FreeBSD-5.3-RELEASE and use IPFilter as my firewall.
    >
    >I have only one machine, with a cable modem connection to the
    >internet. I have been following the directions in the
    >Handbook, or so I thought, until yesterday. Yesterday I
    >posted a message here titled something like "Which FTP do I
    >have?" and received many helpful replies. Thank you! My FTP
    >client still doesn't work and the reason it doesn't work is, I
    >believe, I didn't follow the directions, which I discovered
    >upon further reading of the handbook last night.
    >
    >My questions for today are mostly for clarification of what is
    >written in the handbook, starting at section 24.5.18, Enabling
    >IPNAT. I do not currently have IPNAT enabled. Given that I
    >am a homeuser with only one machine, must I have IPNAT enabled
    >for FTP to work properly? The ipf.rules in the handbook seem
    >to indicate so, but I would appreciate confirmation.
    >
    >

    I wouldn't think so. No network, no _N_etwork _A_ddress
    _T_ranslation should be necessary.

    Keep in mind (although it's maybe a big assumption on
    my part), that in that particular example the machine is
    serving as a gateway...

    > <>
    > Secondly, the first rule in section 24.5.18 enables the
    > computer as a gateway. I was under the impression that it is
    > wisest not to use this rule unless you genuinely intend to use
    > the machine in question as a gateway. Am I correct? If so,
    > can I leave the first rule out and just include the second and
    > third rules and still expect the IPNAT FTP proxy to function?
    >
    > Thirdly, I am trying to follow the directions, believe it or
    > not. Assume for the moment that I use all three rules listed
    > in 24.5.18 of the handbook. Since I have only one computer,
    > can I then skip directly to section 24.5.21.1, IPNAT Rules,
    > add the three rules there, and then have a reasonable
    > expectation that FTP will work properly from behind my
    > firewall? Again, I am using the ipf.rules listed in the handbook.
    >
    > Thanks,
    >
    > Mark

    I had a rather lengthy interspered reply, then I realized
    that because I had a bad encounter with someone today,
    I was writing as if I would take it out on you. That would be
    wrong, although it's occasionally seen on the lists.

    I'd suggest you send a detailed mail to questions@ at with
    your ruleset and a description of what's happening (e.g., I
    did this, *this*, and then **this**, and _this_, __this__, and
    then ___this___ happened, but my result differed from
    what I expected in {{this way}} .... )

    Does FTP work properly without your firewall? Have
    you attempted to turn passive mode off during the FTP
    session? That's a rather common reason that FTP clients
    have trouble with firewalls, and AFAIK it's mentioned in
    that same chapter....

    Kevin Kinsey
    _______________________________________________
    freebsd-newbies@freebsd.org mailing list
    http://lists.freebsd.org/mailman/listinfo/freebsd-newbies
    To unsubscribe, send any mail to "freebsd-newbies-unsubscribe@freebsd.org"

  • Next message: Kevin Kinsey: "Re: Commands "Delete / Shred""

    Relevant Pages