ftpd on WAN interface

R

rjka

Hi all, good people!

I have a freebsd FreeBSD 8.1 machine as gateway - two interfaces, NAT and started ftp server. I have no forwarding in ipnat.rules and can get access to FTP from the outside (by WAN interface, using DHCP IP address from my ISP).

Now I installed freebsd FreeBSD 9.1 on another machine the same configuration but I don't know how to do the same because now I can only connect to FTP when do forwarding port 21 to the LAN side (static IP).

I can't remember what I did the first time in 8.1. Everything looking the same but not working the same.
 
Can you post your configurations? Can't help much with just saying everything looks the same. Good call standing up a 9.1-RELEASE to replace the old machine. Better late then never since 8.1-RELEASE has been EoL since last July.
 
ipnat.rules:
Code: 
map rl0 192.168.12.0/16 -> 0.0.0.0/32 portmap tcp/udp auto
map rl0 192.168.12.0/16 -> 0.0.0.0/32
-----

rc.conf:
Code: 
keymap="pl_PL.ISO8859-2"
amd_flags="-a /.amd_mnt -l syslog /host /etc/amd.map /net /etc/amd.map"
sshd_enable="YES"
tcp_extensions="YES"
ipnat_enable="YES"
dhcpd_enable="YES"
dhcpd_ifaces="rl1"
named_enable="YES"
gateway_enable="YES"
hostname="router_ads2"
ifconfig_rl0="DHCP"
ifconfig_rl1="inet 192.168.12.1  netmask 255.255.255.0"
ftpd_enable="YES"
ntpdate_enable="YES"
--------

Is there in 9.1 any firewall started default?
Why services like FTPD and SSHD work on LAN interface instead WAN? Is there any configuration to change it?
 
That is very odd. I tried your setup and it seems to work fine for me. The defaults are to listen on all interfaces. Try $ sockstat. You should see this with a * to show it is listening on all interfaces with one entry for IPv6 and one for IPv4. There is no firewall by default.

Code: 
root     ftpd       934   5  tcp6   *:21                  *:*
root     ftpd       934   6  tcp4   *:21                  *:*
root     sshd       897   3  tcp6   *:22                  *:*
root     sshd       897   4  tcp4   *:22                  *:*
 
I don't use IPF at all - that is the case - I don't use any firewall in both 8.1 and 9.1 but in 8.1 I can connect FTP from outside and in 9.1 I can not.
 
sockstat gives me:

8.1

Code: 
root     ftpd       1244  5  tcp6   *:21                  *:*
root     ftpd       1244  6  tcp4   *:21                  *:*


9.1

Code: 
root     ftpd       1457  5  tcp6   *:21                  *:*
root     ftpd       1457  6  tcp4   *:21                  *:*
 
rjka said:
I don't use IPF at all - that is the case - I don't use any firewall in both 8.1 and 9.1 but in 8.1 I can connect FTP from outside and in 9.1 I can not.
Click to expand...

Read ipnat(8)():

... Note that if ipf(8) is not enabled when NAT is configured, it will be
enabled automatically, as the same kernel facilities are used for NAT
functionality. In addition, packet forwarding must be enabled.
Click to expand...

So, you might want to check the rules that are enabled automatically - ipfstat(8)().
Did you enable packet forwarding?
 
You must log in or register to reply here.
Back
Top