[ previous ] [ next ] [ threads ]
 
 From:  Thomas Sprinzing <thomas at sprinzing dot org>
 To:  Mark <markryan at cfl dot rr dot com>
 Cc:  monowall <m0n0wall at lists dot m0n0 dot ch>
 Subject:  Re: [m0n0wall] ftp better but still not working
 Date:  Sun, 05 Nov 2006 19:17:34 +0100 
Mark schrieb:

> Ok,
>
> People can connect now but cant get a dir listing.  Sounds like a
> passive problem.  Here are my settings:
> proftpd running on 192.168.1.102 on port 60000 with passive ports set
> to 50000-51000.
> monowall on WRAP with the following inbound nat rules:
>
> WAN TCP 50000 - 51000 192.168.1.102 50000 - 51000 Passive Ports
> WAN TCP 59999 - 60000 192.168.1.102 59999 - 60000 FTP connect
>
> the firewall rules are:
>
> TCP * * 192.168.1.102 59999 - 60000 NAT FTP connect
> TCP * * 192.168.1.102 50000 - 51000 NAT Passive Ports
>
> So, in a nutshell.  The control port and active port (60000 and 59999)
> are forwarded and allowed.  The passive ports (50000-51000) are
> forwarded and allowed. This should work however people tell me they
> can connect but not get directory listings.
>
> Am I missing something?

to tell proftpd to send the correct IP to the client. Which is M0n0's
wan IP, not proftpd-hosts lan address....

hth

thomas