Ed Chatlos wrote:
> I wish M0n0 dealt with FTP better. I have used many different routers and
> never had any problem with any of them accessing my home LAN FTP server
> except M0n0. All I had to do was forward port 21 to the IP of the PC
> running the FTP server and create a firewall rule for it, on routers
> that do have a real firewall, and BAM I can connect from a remote
> location. NOT so with M0n0. You have to jump through many hoops to get
> it to work. I have now stopped using M0n0 on an everyday basis and gone
> back to my Zyxel ZyWall5 for just this reason.
> That is what I would like to see in future releases.
Why bother even having a firewall at all if you are allowing incoming
FTP connections to your LAN? You should almost *never* run public
services on LAN machines, that is what the DMZ is for. Services such as
passive FTP require that the Firewall must jump through many hoops,
including opening random high ports and/or running an
application-specific proxy. IMHO this just increases the security risk
and therefore is *not* something you want on your Firewall.
Forget about FTP anyway, use SCP or rsync. Oh, and good luck with your
Zyxel :p
--
Marko |
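
An added illustration of the "hoops" mentioned in the reply above (not part of the original thread, and not m0n0wall's code): a sketch of what a NAT firewall's FTP helper has to do with a passive-mode reply on the control channel. The function names, the addresses and the sample lines are constructed for this example.

```python
import re

# RFC 959 passive reply: "227 <text> (h1,h2,h3,h4,p1,p2)"
PASV_RE = re.compile(
    r"^227 .*?\((\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3})\)")

def parse_pasv(line):
    """Return (ip, port) advertised in a 227 reply, or None if it is not one."""
    m = PASV_RE.match(line.strip())
    if not m:
        return None
    nums = [int(g) for g in m.groups()]
    if any(n > 255 for n in nums):
        return None
    # The data port is sent as two bytes: port = p1 * 256 + p2
    return ".".join(str(n) for n in nums[:4]), nums[4] * 256 + nums[5]

def helper_rewrite(line, server_lan_ip, wan_ip, pinholes):
    """Process one server-to-client control line the way a NAT helper must.

    A valid 227 reply has its LAN address rewritten to the WAN address, and
    the temporary inbound forward (pinhole) for the data port is recorded.
    Any other line is returned untouched and opens nothing.
    """
    parsed = parse_pasv(line)
    if parsed is None:
        return line
    ip, port = parsed
    # Only honour replies that name the server itself on an unprivileged
    # port; otherwise the control channel could request arbitrary forwards.
    if ip != server_lan_ip or port < 1024:
        return line
    pinholes.append((wan_ip, port, server_lan_ip, port))
    return "227 Entering Passive Mode (%s,%d,%d)" % (
        ",".join(wan_ip.split(".")), port // 256, port % 256)

def run_demo():
    # Constructed control-channel lines; 203.0.113.5 is a documentation address.
    sample = ["220 FTP server ready",
              "227 Entering Passive Mode (192,168,1,10,195,80)",
              "227 Entering Passive Mode (192,168,1,99,0,22)"]
    pinholes = []
    out = [helper_rewrite(l, "192.168.1.10", "203.0.113.5", pinholes)
           for l in sample]
    return out, pinholes

if __name__ == "__main__":
    print(run_demo())
```

A static forward of port 21 covers only the control connection; each passive data connection needs a dynamic rule like the one recorded here, which is the extra parsing and state the reply objects to carrying on the firewall.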