Hello,
I have a problem with ftp connections (active) from my internal networks to the outside ftp server. The ftp (passive) connection works fine from any machine without harm. I have two subnets, 192.168.1.0/24 and 192.168.2.0/24 [FreeBSD 8.2-RELEASE-p6].
Sample of ipnat.rules:
Code:
map em0 192.168.0.0/16 -> xx.xx.xx.xx/32 proxy port ftp ftp/tcp
rdr em1 0/0 port 80 -> 192.168.1.1 port 3128
rdr rl0 0/0 port 80 -> 192.168.2.1 port 3128
map em0 192.168.1.0/24 -> xx.xx.xx.xx portmap tcp/udp auto
map em0 192.168.1.0/24 -> xx.xx.xx.xx icmp
map em0 192.168.2.0/24 -> xx.xx.xx.xx portmap tcp/udp auto
map em0 192.168.2.0/24 -> xx.xx.xx.xx icmp
rdr em0 xx.xx.xx.xx/32 port 2222 -> 192.168.2.63 port 80
...
and I put that rule in for testing purposes:
Code:
ipfw add 00001 allow all from any to any
I also found a half solution, which is changing the line:
Code:
map em0 192.168.0.0/16 -> xx.xx.xx.xx/32 proxy port ftp ftp/tcp
to
Code:
map em0 192.168.1.8/32 -> xx.xx.xx.xx/32 proxy port ftp ftp/tcp
and now the ftp active connection works (on one PC).
The problem is: how to make a rule to fix ftp active connections for all computers? I think it's a better solution than putting 1 rule for every PC.
The line seems not to work at all:
Code:
map em0 192.168.0.0/16 -> xx.xx.xx.xx/32 proxy port ftp ftp/tcp
Thank you for any suggestions
Code:
211 End
Connect ok!
PWD
257 "/"
Download folder
TYPE A
200 Switching to ASCII mode.
PORT 192,168,1,8,210,185
500 Illegal PORT command.
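An added example, not part of the original post: it decodes the PORT argument from the log above, pairs it with the server's reply, and compares the advertised address with the address the server sees after NAT. `NAT_PUBLIC_IP` is a constructed stand-in for the masked xx.xx.xx.xx, and the function names are this example's own.

```python
import ipaddress
import re

PORT_RE = re.compile(r"^PORT\s+(\d{1,3}(?:,\d{1,3}){5})$", re.IGNORECASE)
# Tail of the client log quoted in the post.
SESSION = ["TYPE A", "200 Switching to ASCII mode.",
           "PORT 192,168,1,8,210,185", "500 Illegal PORT command."]
# Assumption: documentation-range stand-in for the masked xx.xx.xx.xx address.
NAT_PUBLIC_IP = "203.0.113.10"


def parse_port(line):
    """Decode 'PORT h1,h2,h3,h4,p1,p2' into (IPv4Address, port); None if not PORT."""
    m = PORT_RE.match(line.strip())
    if not m:
        return None
    nums = [int(n) for n in m.group(1).split(",")]
    if max(nums) > 255:
        raise ValueError(f"field out of range in {line!r}")
    return ipaddress.IPv4Address(".".join(map(str, nums[:4]))), nums[4] * 256 + nums[5]


def format_port(ip, port):
    """Encode an address and port back into PORT syntax (high byte, low byte)."""
    fields = str(ip).split(".") + [str(port >> 8), str(port & 0xFF)]
    return "PORT " + ",".join(fields)


def audit(session, nat_public_ip):
    """Pair each PORT command with the reply after it and flag address mismatches."""
    public = ipaddress.IPv4Address(nat_public_ip)
    findings = []
    for i, line in enumerate(session):
        parsed = parse_port(line)
        if parsed is None:
            continue
        addr, port = parsed
        reply = session[i + 1] if i + 1 < len(session) else ""
        findings.append({
            "advertised": f"{addr}:{port}",
            "private": addr.is_private,
            "matches_nat": addr == public,
            "reply_code": reply[:3],
            # Port kept unchanged for illustration; a real NAT may remap it.
            "rewritten_example": format_port(public, port),
        })
    return findings
```

A log taken on the client always shows the client's own address; a capture on the outside interface is what shows whether the NAT rewrote the PORT argument before it left.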