On Tue, 28 Nov 2006, Mark Freeze wrote: > I also have a question regarding ftp proxy. My situation is that we > have our firewall running, and I can connect and upload files to ftp > sites from any of my workstations. The problem occurs when we are > trying to download files. When I connect my machine will negotiate > the connection and get a directory listing, but crash when I try to > download files from the site. I know that it's the firewall because > my machines connect and download when the fw is taken out of the > process. I thought that maybe it was crashing when moving to an upper > port? And, if that is the case how do I correct it? > > What in my rule set would allow me to ftp upload a file, but crash on > the ftp download?
Please start a new thread the next time. If you run ftp-proxy with "-d -D6" do you see anything interesting in the logging? If that doesn't help, can you try to catch the control and data connections on both sides of the firewall with tcpdump (snaplen 1500) ? ftp-proxy doesn't touch the data connections itself... it only commits rules into the anchors to let them pass. It does proxy the control connection, so it may buffer some lines that the FTP server is sending to the client and send them together. That's perfectly legal though. Which client are you using?
