That's exactly the case, ans setting the ftp client to passive mode
worked. I use ipchains to set the firewall rules thusly:
Default input chain is ACCEPT
Default forward chain is DENY with two entries to MASQ for ppp0 and eth0
Default output chain is ACCEPT
I don't see how these rules prevent the active mode of ftp. What do the
rules need to allow for active ftp to work? Also, where is this
ip_masq_ftp module you are referring to? Is it a kernel module? If so, I
don't have it, but I compiled everything into the kernel that I thought
I'd need. I didn't use modules at all. Know any way to check to see if
that functionality is there? Thanks for all your help.
Rob
On Mon, 28 Jun 1999, Michael Talbot-Wilson wrote:
>
> >
> > I guess that you used ipfwadm/ipchains to set your box as a router. What's
> > probably happening is that you have blocked the incoming connection from
> > the ftp server. To solve this you can either change your ip rules or try
> > and use the passive (pasv) form of ftp where the server tells the client
> > the port to connect to and the client then does the connection: note that
> > some windows FTP clients can't do this commonly the dos box ones can't.
> >
> > On Sun, Jun 27, 1999 at 12:00:40AM -0500, Robert Rati wrote:
> > > I setup a router for a home network, and everything seems to work fine but
> > > one thing. I can't use ftp. I can connection to sites outside my network
> > > via ftp, but I can't do the ls command. Usually, when you do a lsc,
> > > you get something back like:
> > >
> > > 200 Port Command
> > >
> > > or something like that, but instead, I get:
> > >
> > > 500 Illegal PORT Command
>
> If you are masquerading, make sure you have the module ip_masq_ftp.
>
>
=======================================================================
[EMAIL PROTECTED] : Role-Player, Babylon 5 fanatic 1998-99
Aka Khyron the Backstabber : ICQ# 2325055
Homepage: www.cs.purdue.edu/homes/ratirh
"Happiness comes in short spurts. Don't be fooled."
=======================================================================
