> I'd be interested in your IPtables / pureftpd setup on this.  I'm running
> pure-ftpd also, and I haven't even tried to setup passive mode.  heck it's
> possible that I've got it enabled ;-)

Well, I'm not using IPtables, but ipchains.  But here's what I had to do
to get passive mode to work:

My ftp server is masq'd behind a firewall.  My firewall has ipchains,
and I'm using ipmasqadm to forward ports to various machines.

From my firewall, I forwarded ports 20,21 (for active transfers and
control), and 40030-40040 (for passive ports) to the ftp server.

On my FTP server, I configured pure-ftpd so that it will listen to
ports 40030-40040 when a passive mode is initiated by the client.

However, one extra step is needed.  When passive mode is started by the
client, the server sends its IP address & desired passive port to the
client.  Since the IP address of the ftp server is a masqueraded ip,
this causes problems since this IP doesn't exist outside of the
firewall.  This is where pure-ftpd shines.  Pure-ftpd has an option that
allows me to specify the IP address that should be sent to the client
for a passive transfer.  This way, I can have the server send the
firewall IP address, thus allowing a successful transfer.

I think it took me like 2 weeks to figure this out.  I was constantly
thinking it was a masq'd issue, or a port forwarding issue.  So much
trouble for such a simple solution.

-- 

-Rob



_______________________________________________
Redhat-list mailing list
[EMAIL PROTECTED]
https://listman.redhat.com/mailman/listinfo/redhat-list
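
The failure described in the message above can be seen directly in the server's 227 reply. The following is an added example, not part of the original post: it decodes the address and port a server advertises for passive mode and reports why a client outside the firewall could not connect. The firewall address 203.0.113.5, the sample replies, and the function names are assumptions made for illustration; the port range is the one given in the post.

```python
import ipaddress
import re

# Values from the post: passive ports 40030-40040 are forwarded to the server.
PASV_PORTS = range(40030, 40041)
# RFC 1918 ranges, i.e. addresses that do not exist outside the firewall.
RFC1918 = [ipaddress.ip_network(n) for n in
           ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
_TUPLE = re.compile(r"\((\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3})\)")


def parse_pasv(reply):
    """Decode '227 ... (h1,h2,h3,h4,p1,p2)' into (IPv4Address, port)."""
    match = _TUPLE.search(reply)
    if not reply.startswith("227") or match is None:
        raise ValueError("not a 227 passive-mode reply: %r" % reply)
    nums = [int(g) for g in match.groups()]
    if max(nums) > 255:
        raise ValueError("field out of range in %r" % reply)
    host = ipaddress.IPv4Address(".".join(str(n) for n in nums[:4]))
    return host, nums[4] * 256 + nums[5]  # port = p1*256 + p2


def check_pasv(reply, firewall_ip, ports=PASV_PORTS):
    """Return a list of reasons a client outside the firewall cannot connect."""
    host, port = parse_pasv(reply)
    problems = []
    if any(host in net for net in RFC1918):
        problems.append("advertised %s is a private (masqueraded) address" % host)
    elif host != ipaddress.IPv4Address(firewall_ip):
        problems.append("advertised %s is not the firewall address" % host)
    if port not in ports:
        problems.append("port %d is outside the forwarded range" % port)
    return problems


if __name__ == "__main__":
    # Constructed replies; 203.0.113.5 stands in for the firewall's address.
    for line in ("227 Entering Passive Mode (192,168,1,10,156,99)",
                 "227 Entering Passive Mode (203,0,113,5,156,99)",
                 "227 Entering Passive Mode (203,0,113,5,4,1)"):
        print(line, "->", check_pasv(line, "203.0.113.5") or "ok")
```

In pure-ftpd the two settings this checks correspond to the `--passiveportrange` and `--forcepassiveip` options.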
