[ previous ] [ next ] [ threads ]
 
 From:  "Darth Moula" <darth underscore moula at atlas dot cz>
 To:  <m0n0wall at lists dot m0n0 dot ch>
 Subject:  Re: [m0n0wall] How to reslove FTP PASSIVE MODE?
 Date:  Sat, 21 Feb 2004 20:17:23 +0100
My problem is, how to disable all traffic between
WAN -> LAN and LAN -> WAN
and how to allow access to FTP servers for LAN users
(ftp client -> LAN -> WAN -> ftp server)

I dont want to RUN FTP SERVER

----- Original Message -----
From: Don Gray
To: Darth Moula ; m0n0wall at lists dot m0n0 dot ch
Sent: Saturday, February 21, 2004 8:08 PM
Subject: Re: [m0n0wall] How to reslove FTP PASSIVE MODE?


It's not easy or safe to use a PASV FTP server....you need to open a range
of ports and redirect them to the server.  You must also configure the
server to use this range of ports with PASV ftp.  A better answer is to
require clients to use ACTIVE mode FTP...this is straight forward and
doesn't require any configuration beyond opening port 21 and redirecting it
to the server.

----- Original Message -----
From: "Darth Moula" <darth underscore moula at atlas dot cz>
To: <m0n0wall at lists dot m0n0 dot ch>
Sent: Saturday, February 21, 2004 9:58 AM
Subject: [m0n0wall] How to reslove FTP PASSIVE MODE?


> My problem is not how to run ftp server behind firewall. My problem how to
> allow access to ftp servers in WAN from LAN.
> When I block in the RULES all outgouing packets except TCP FTP, ftp
> transfers works only when not PASV required. PASV requires to establish
new
> connection on the not predetermined ports (another server by server). How
to
> set RULES?
>
> Thanks, D.M.
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
>