Koozali.org: home of the SME Server

Legacy Forums => General Discussion (Legacy) => Topic started by: Nic on April 24, 2001, 04:34:12 AM

Title: allowing ftp behind firewall
Post by: Nic on April 24, 2001, 04:34:12 AM

I'm trying to get a ftp server working behind e-smith gateway.

How would i get this rule to be set at startup

ipchains -A input -p tcp -s 0.0.0.0/0 -d 127.0.0.1/0 66 -i ppp0 -j ACCEPT

before the e-smith sets this rule

ipchains -A input -p all -s 0.0.0.0/0 -d 0.0.0.0/0 -i ppp0 -j denylog

ie, what file would i look for to add in my rule before e-smith sets the other rule?
Any idea?
Nic

Title: Re: allowing ftp behind firewall
Post by: Charlie Brady on April 24, 2001, 05:25:03 AM

Nic wrote:

> I'm trying to get a ftp server working behind e-smith gateway.

Due to the nature of the ftp protocol, you can't just port forward to another server.

Regards

Charlie

Title: Re: allowing ftp behind firewall
Post by: Nic on April 24, 2001, 07:40:15 AM

Its forwarding the port to a machine inside the lan, it works I've done it before. But now I'm running into problems with getting the server to allow connections in pasv mode.. had it working fine under rh6 so im not sure what e-smith is denying to stop it working..
Nic

Title: Re: allowing ftp behind firewall
Post by: James on April 26, 2001, 04:25:23 AM

you cannot port forward the ftp port and still use pasv mode (as far as I have found so far).  However, you can connect just fine using PORT command.
give it a try.