On 01/11/2013 09:14 AM, Tom Eastep wrote: > On 01/11/2013 09:06 AM, Dario Lesca wrote: >> Il giorno ven, 11/01/2013 alle 08.40 -0800, Tom Eastep ha scritto: >>> >>> Ah -- I see the real problem here. Your firewall is MASQUERADING >>> outgoing connections from the server. >>> >>> Note that the incoming connection on port 21 is addressed to >>> my.host.42.251 but the outgoing connection is from my.host.42.242! >>> >>> Fix your /etc/shorewall/masq file so that it doesn't masquerade those >>> outgoing connections. >>> >> Wow!, thank Tom!! Work! Work! Work! >> >> This is my old masq file, : >> $NET_IF_1 0.0.0.0/0 $ONLINE_SERVER tcp 25 >> $NET_IF_1 0.0.0.0/0 $NET_FW_IP_1 >> >> I have masquerade only port 25 for same outgoing mail service. >> Now I have this configuration: >> $NET_IF_1 0.0.0.0/0 $ONLINE_SERVER >> $NET_IF_1 0.0.0.0/0 $NET_FW_IP_1 >> >> Now Work!, but my other question is: It's correct this configuration >> method? > > If $ONLINE_SERVER is the system that uses proxy arp, then you should > simply delete that entry. I can't see how the change you made could have > fixed the ftp problem.
Disregard this post and use the suggestion from the next one I sent. -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ Master HTML5, CSS3, ASP.NET, MVC, AJAX, Knockout.js, Web API and much more. Get web development skills now with LearnDevNow - 350+ hours of step-by-step video tutorials by Microsoft MVPs and experts. SALE $99.99 this month only -- learn more at: http://p.sf.net/sfu/learnmore_122812
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
