 From:  Paul Phillips <paul at partitura dot com>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  ftp client on DMZ only works if all ports opened
 Date:  Tue, 6 Jan 2004 12:50:59 -0600
Hello -

I'm doing some more testing of m0n0wall on a dummy test setup.  Testing
m0n0wall version of January 1.  I have a dummy DMZ with 1:1 NAT, a
dummy LAN and an "internet" set up for testing.

When I open all ports from the DMZ to anywhere, the console ftp client 
on the DMZ bsd machine works fine when connecting to an ftp server on 
my dummy internet machine.

However, if I do NOT enable all DMZ ports, but only enable the DMZ 
"ftp" choice in m0n0wall (which looks like it opens port 21) then I can 
connect to an ftp server, but cannot get a directory listing and cannot 
transfer files.

I tried also opening DMZ port 20, but that didn't help.

Can anyone tell me what I need to do to get the natted ftp client on 
the DMZ to work, short of opening all outgoing ports?

Paul Phillips