Thanx Alexander, I tried that but then I forgot ipf rules to open high iana ports.... You got me to the point ;) Gabriele ---------------------------------------------------------------------------------------- Sonicle S.r.l. : http://www.sonicle.com Music: http://www.gabrielebulfon.com Quantum Mechanics : http://www.cdbaby.com/cd/gabrielebulfon ---------------------------------------------------------------------------------- Da: Alexander Pyhalov A: [email protected] Cc: Gabriele Bulfon Data: 10 aprile 2017 18.58.26 CEST Oggetto: Re: [discuss] proftpd and ipfilter On 10.04.2017 18:58, Gabriele Bulfon wrote: Hi, I have a server running xstreamos with added proftpd old package. It works fine in LAN, while I'm fighting again with ipfilter to allow for ftp from the WAN. The system has its public interface with ipfilter allowing other ports, such as 80, no problem. For FTP to get in I have: pass in quick proto tcp from any to [pub-ip]/32 port = 21 flags S keep state pass in quick proto tcp from any to [pub-ip]/32 port = ftp-data flags S keep state pass in quick proto tcp from any port = ftp-data to [pub-ip]/32 port1023 flags S keep state Hello. You likely need to specify PassivePorts and open them in firewall: http://www.proftpd.org/docs/howto/NAT.html --- System Administrator of Southern Federal University Computer Center
------------------------------------------- illumos-discuss Archives: https://www.listbox.com/member/archive/182180/=now RSS Feed: https://www.listbox.com/member/archive/rss/182180/21175430-2e6923be Modify Your Subscription: https://www.listbox.com/member/?member_id=21175430&id_secret=21175430-6a77cda4 Powered by Listbox: http://www.listbox.com
