Port 21 & IPNAT

I have a user who's trying to run Audiogalaxy's satellite program via port 21 on her local machine, behind my 2.8 box that's running IPNAT. She keeps timing out trying to connect to their server; their FAQ suggested trying to telnet to garlic.audiogalaxy.com:21 to test firewall compatibility. I did so, and was unable to connect (despite a default, 100% permissive firewall).

I'm sure that the root of my problem comes from the fact that port 21 is set up for FTP with the IPNAT rule:

map xl0 -> proxy port ftp ftp/tcp

I tried commenting that rule out and then saying ipnat -f /etc/ipnat.rules, only to get:

ioctl(SIOCADNAT): File exists
How can I get this to work (preferably without compromising FTP)? Can I do it at all? Thanks for any input you can provide.

Alex Le Fevre

