You need tcp port 20 as well (ftp-data)



--
Chris.

I love deadlines. I especially love the whooshing sound they make as they fly by..." - Douglas Adams, 'Hitchhiker's Guide to the Galaxy'

----- Original Message ----- From: "Clement Twine" <[EMAIL PROTECTED]>
To: <freebsd-questions@freebsd.org>
Sent: Tuesday, April 12, 2005 9:19 AM
Subject: weird problem with ipfw and ftp



hi freebsd users,

i have a problem with users accessing my ftp service from the
internet. everything was working well until i changed from
Linux/shorewall to freebsd/ipfw as my firewall.

my setup is briefly as follows:

FTP_Server (10.0.0.1) --- Firewall (IPFW) ----- INTERNET

The linux rules were just two (and were working):

    allow tcp from any to 10.0.0.1 21
    allow tcp from 10.0.0.1 21 to any

I have the following in ipfw but they have refused to work!

    ipfw add 00010 allow tcp from any to 10.0.0.1 21
    ipfw add 00011 allow tcp from 10.0.0.1 21 to any


The problem is that an ftp session is established, but when the session enters passive mode, the ftp session hangs. Are there any other ports that need to be opened? Has anyone had such a problem before? I can see in the logs that unprivileged ports are responding from the ftp server to the requestor - but have tried all combinations of rules to no avail!

Please help!

Regards,

Clem.
_______________________________________________
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"



_______________________________________________ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Reply via email to