[ previous ] [ next ] [ threads ]
 From:  "Jim Wells" <jwells at networksisp dot com>
 To:  <m0n0wall at lists dot m0n0 dot ch>
 Subject:  Re: [m0n0wall] Passive Mode FTP
 Date:  Thu, 7 Apr 2005 16:54:06 -0400

Thanks for the reply.

I am running vsftpd on Redhat Do you recomend something else ?
Is this a "good ftp server" ? It is also avialable for FreeBSD
Do you have a working conf file ? I can try it on BSD ?

Do you have any ftp configuration's working that you
can post or send to me ? If so this would be great to
have in the documentation as well along with your reply
to "Hopefully Once and For all put an end to this"

I just want some help to make it work. I have google'd
for hours reading testing. I have changed the vsftpd.conf
file and added the public IP for pasv and many other settings.
I have a class "c" of public IP's for the Wan IP's.

Manuel Thanks for a great product and all your hard work.

Jim :)

---------- Original Message ----------------------------------
From: Manuel Kasper <mk at neon1 dot net>
Date:  Thu, 07 Apr 2005 17:49:25 +0200

>It should be mentioned at this point (and hopefully once and for all)
>that ipnat (and thus m0n0wall) does indeed fix up PORT commands sent
>by FTP clients behind NAT to FTP servers on the Internet. Therefore,
>both active and passive FTP clients can be used behind m0n0wall (as
>long as NAT is on, which is the case in almost all setups). What
>doesn't work (and that's a limitation in ipnat) is fixup of PASV
>responses made by FTP servers behind m0n0wall. So at present, if you
>want to run an FTP server behind m0n0wall in passive mode (active
>mode is no problem), you need a static WAN IP address and a good FTP
>server that allows you to specify the IP address to be returned in
>PASV responses. Then, if you map/configure the proper port ranges,
>passive FTP servers behind m0n0wall will work too. Other than that,
>there are *no* restrictions to using FTP with m0n0wall (aside from
>the fact that EPRT/EPSV aren't supported, but these aren't in
>widespread use anyway).
>- Manuel
>To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
>For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch

Sent via Networks Webmail system at networksisp.com