On Tue, 16 Oct 2001, sysadmin wrote:

> Hey guys, I have been trying to figure this out all day and it has
> led me nowhere... I contacted a few of my friends online and they're also
> clueless to why my methods of madness haven't led to success.
>
> I have set up a FreeBSD firewall on version 3.5-Stable that
> basically denies all incoming connections, but allows established
> connections and certain ports. Those ports for example are like 20,21,80
> etc.. ANYWAYS, to make a long story short I have had a big problem letting
> anyone on my box ftp out to the world. It connects in fine, but it hangs
> in both passive / and non passive modes.
>
> Here are some logs:

[snippage of logs]

I currently run FreeBSD4.4 Stable. I had this same problem, this fixed me:

/etc/ipf.rules:
---
pass in quick proto tcp from any port = ftp-data to my.ip.goes.here/32 port > 102 keep state
pass out on dc0 proto tcp all keep state
---

/etc/ipnat.conf:
---
map dc0 0/0 -> 0/32 proxy port 21 ftp/tcp
---

dc0=my external interface.

...and voilà, I can ftp out just fine.

Travis

=-=[Travis Ogden]-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
ICQ UIN: #30220771
AIM ID:  Gen2600
Email:   [EMAIL PROTECTED]
Website: http://www.FreeBSDFoo.com/~traviso

"Courage is not defined by those who fought and did not fall,
but by those who fought, fell, and rose again."
=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
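
Added example, not part of the thread and not IPFilter's own code: a simplified Python model of what an FTP-aware NAT helper such as the "proxy port 21 ftp/tcp" entry above does with an active-mode PORT command, and of the inbound ftp-data connection the ipf rule then has to admit. The addresses, the function names, the unchanged port and the two sanity checks are assumptions made for the illustration.

```python
import ipaddress

def parse_port(line):
    """Decode 'PORT h1,h2,h3,h4,p1,p2' into (IPv4Address, tcp_port)."""
    verb, _, arg = line.strip().partition(" ")
    fields = arg.split(",")
    if verb.upper() != "PORT" or len(fields) != 6:
        raise ValueError("not a well-formed PORT command")
    if not all(f.isascii() and f.isdigit() and int(f) <= 255 for f in fields):
        raise ValueError("PORT fields must be integers 0-255")
    n = [int(f) for f in fields]
    # First four fields are the address, last two are the port (high, low byte).
    return ipaddress.IPv4Address(bytes(n[:4])), n[4] * 256 + n[5]

def rewrite_port(line, client_ip, external_ip):
    """Return (rewritten command, description of the expected data connection).

    client_ip is the inside host that owns the control connection;
    external_ip is the address on the outside interface (dc0 in the thread).
    """
    ip, port = parse_port(line)
    # Assumed hardening: only open a hole back to the client that asked for it,
    # and never to a privileged port.
    if ip != ipaddress.IPv4Address(client_ip):
        raise ValueError("PORT names a host other than the control-connection client")
    if port < 1024:
        raise ValueError("PORT names a privileged port")
    ext = ipaddress.IPv4Address(external_ip)
    octets = [str(b) for b in ext.packed]
    # Assumption: the port is kept as-is; a real NAT may remap it too.
    cmd = "PORT " + ",".join(octets + [str(port >> 8), str(port & 0xFF)])
    # The server connects back from ftp-data (20) to the advertised high port,
    # which is the traffic the "from any port = ftp-data" rule matches.
    expected = {"src_port": 20, "dst_ip": str(ext), "dst_port": port}
    return cmd, expected

if __name__ == "__main__":
    # Constructed sample: inside client 192.168.1.10, outside address 203.0.113.5.
    cmd, flow = rewrite_port("PORT 192,168,1,10,195,80", "192.168.1.10", "203.0.113.5")
    print(cmd)
    print(flow)
```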