[lug] FTP question.

John Hernandez John.Hernandez at noaa.gov
Thu Aug 9 14:12:05 MDT 2001 

I don't fully understand what Kelly needs to accomplish.  What might be helpful is some sort of ASCII topology diagram, showing where the server and clients are.  Is there NAT involved?  By "setup the port mappings so that the passive connection port for the FTP server is properly retargetted" do you mean configure port forwarding in some fashion?  I'm sure we can come up with something if you provide more detail.

Unless you have full control over the clients, your ability to limit port ranges will be limited to modifications of the ftpd source code.  Here again, I must be a little confused.

-John

"D. Stimits" wrote:
> 
> "Brock, Kelly" wrote:
> >
> > Hi All,
> >
> >         Another question about WU-FTP that has been bugging me.  I have a
> > hardware firewall/DHCP/wireless LAN/print server hub box.  While I bought it
> > primarilly for the wireless LAN and print server for my laptops the firewall
> > is a nice bonus.  The problem though is that I need to setup the port
> > mappings so that the passive connection port for the FTP server is properly
> > retargetted to my linux machines.  I know this is a solvable problem, I just
> > can't seem to get it working correctly.
> >
> >         What I really want is to limit the port range of the passive
> > connections to something like 12000-12010 so that I can open those on the
> > firewall and map them to the appropriate machine.
> >
> >         Regards,
> >
> >         KB
> > _______________________________________________
> > Web Page:  http://lug.boulder.co.us
> > Mailing List: http://lists.lug.boulder.co.us/mailman/listinfo/lug
> 
> Surely someone on the list must know how to proxy the ftp to do this? I
> don't, I rarely deal with proxy, but it seems like there should be a way
> when an incoming request to ports 20/21 result in an outbound higher
> port number to go to the requesting machine, that it could be told to
> proxy that outbound port to a higher number? Proxy of some sort seems to
> be the key.
> 
> D. Stimits, stimits at idcomm.com
> _______________________________________________
> Web Page:  http://lug.boulder.co.us
> Mailing List: http://lists.lug.boulder.co.us/mailman/listinfo/lug

-- 

  - John Hernandez - Network Engineer - 303-497-6392 -
 |  National Oceanic and Atmospheric Administration   |
 |  Mailstop R/OM12. 325 Broadway, Boulder, CO 80305  |
  ----------------------------------------------------

More information about the LUG mailing list