[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[email@example.com: Re: NAT and FTP]
- To: tech_(_at_)_openbsd_(_dot_)_org
- Subject: [firstname.lastname@example.org: Re: NAT and FTP]
- From: Kenneth Stailey <kstailey_(_at_)_sun4c_(_dot_)_openbsd_(_dot_)_org>
- Date: Wed, 12 Feb 1997 07:56:09 -0700 (MST)
X-Authentication-Warning: gadget.nla.gov.au: cmakin owned process doing -bs
Date: Wed, 12 Feb 1997 11:02:08 +1100 (EST)
From: Carl Makin <cmakin_(_at_)_nla_(_dot_)_gov_(_dot_)_au>
To: "Nathan D. Bowen" <nbowen_(_at_)_3i_(_dot_)_net>
Subject: Re: NAT and FTP
Content-Type: TEXT/PLAIN; charset=US-ASCII
On Tue, 11 Feb 1997, Nathan D. Bowen wrote:
> I am new to ipfilter and not too well versed with NAT, but I have read RFC
> 1631 and I have tried to understand the linux ip_masq_ftp code. I am tempted
> to say that ftp won't work with ipfilter's NAT without patching ipfilter to
> watch for and mangle the PORT commands in FTP control conversations.
You are correct. NAT will not pass standard FTP sessions. Most FTP
clients and servers now support the "passive" option. This makes FTP use
the control channel instead of opening a separate data channel for passing
If you are using a command line FTP client try giving your client
the "passive" or "pasv" commands.
Carl Makin (VK1KCM) <http://email.nla.gov.au/~cmakin/>
C_(_dot_)_Makin_(_at_)_nla_(_dot_)_gov_(_dot_)_au 'Work +61 6 262 1576' "Speaking for myself only!"
'If you want to make your spouse pay attention to what you say...
Talk in your sleep!'
Visit your host, monkey.org