Hello Misc!
I have a problem about ftp connections.
I made a server behind a firewall and i read the pf docs about the
configuration.
My external pf conf file looks like that:
ext_if="dc0"
int_if="dc1"
ftp_server="10.5.5.3"
nat on $ext_if from $int_if:network to any -> ($ext_if)
rdr on dc0 proto tcp from any to any port 80 -> 10.5.5.3
rdr on dc0 proto {udp,tcp} from any to any port 143 -> 10.5.5.3
rdr on dc0 proto {udp,tcp} from any to any port 993 -> 10.5.5.3
rdr on dc0 proto tcp from any to any port 25 -> 10.5.5.3
rdr on dc0 proto tcp from any to any port 5432 -> 10.5.5.3
rdr on dc0 proto tcp from any to any port 8821 -> 10.5.5.1
rdr on dc0 proto tcp from any to any port 61 -> 10.5.5.4
rdr on dc0 proto tcp from any to any port 2819 -> 10.5.5.4 port 2818
rdr on dc0 proto tcp from any to any port 2820 -> 10.5.5.3 port 2818
rdr on dc0 proto tcp from any to any port 21 -> $ftp_server port 21
rdr on $ext_if proto tcp from any to any port 49152:65535 -> $ftp_server
port 49152:65535
pass in quick on $ext_if proto tcp from any to $ftp_server port 21 keep
state
pass in quick on $ext_if proto tcp from any to $ftp_server port > 49152
keep state
pass out quick on $ext_if proto tcp from any to $ftp_server port > 49152
keep state
pass out quick on $int_if proto tcp from any to $ftp_server port 21 keep
state
I can connect to the server from my router but can't from the other
machines behind the router. I tried behind my neighbour's wireless
router to it did the same. My ftp client message was:
Data connection timed out.
Falling back to PORT instead of PASV mode.
List failed.
I think it means that the client connected the server but it couldn't
list the directory.
I can connect and list directories other ftp servers from anywhere.
Are there any other server side (pf side) configurations?
Thanks a lot for your help and sorry for that stupid question.
--
----------------------------------------------------------
ANDRAS PAL D i g i t a l Influence
E-mail: [EMAIL PROTECTED] Hungary
Web:http://www.digitalinfluence.hu
http://www.fpower.hu
http://www.ifce.hu
