Re: ftp server ipnat firewall

From: Peter Ross <Peter.Ross(at)>
Date: Tue, 9 Nov 2004 10:59:33 +1100 (EST)

Otto Kucera wrote:
> mit wget gibts aber probleme. es scheint probleme mit den active /
> passive ftp zu geben.
> hat jemand eine sample config für mich?

Nein, leider nicht. Aber vielleicht hilft Dir dies weiter:

14. I have an FTP server behind an IPF firewall, and I'm having problems
serving passive FTP.

The IPF How-To gives a good explination of this. The client will try to
connect to the server's internal IP address because that's the way passive
FTP works: the server tells the client it's IP address in the payload and
the client connects to it.

The solution is to explicitly tell your FTP server what to report as it's
IP address, and give it a range of ports to give out as well. You will
then need to redirect traffic from those ports on your IPF box to the FTP
server. Each FTP server is different, and you'll need to read the manual
for your specific software, but to give an example, you can specificy this
information in WU-FTPd's configuration file as follows: passive ports 32768 49151
passive address

At the time of writing it's been reported that Microsoft IIS's FTP server
is not capable of being configured this way. However, most Unix FTP
servers should have an option for this somewhere.

proftpd nutzt die Option MasqueradeAddress.


To Unsubscribe: send mail to majordomo(at)
with "unsubscribe de-bsd-questions" in the body of the message
Received on Tue 09 Nov 2004 - 01:00:07 CET

search this site