AFP548

FTP through natd and ipfw

I am having trouble getting FTP to work through a NAT router. The router is running Panther Client 10.2.3. If I set the firewall to allow all traffic to non-privileged ports from ports 20-21, it works:

```
allow tcp from any 20,21 to any 1024-65535
```

But this opens up too much of a security hole. In the natd man page I found the `-punch_fw` option, which seems to be designed for this type of situation.

Right now I am using three computers inside our LAN to test this. I have tried putting a `03000 check-state` rule in ipfw and running natd with `-punch_fw 3001:50` on one computer (A). I have turned on the FTP server on another (B), and I have set yet another (C) to use A as its router. I have set the subnet mask on C to force it to go through A to get to B. (Here is a diagram:)

```
C (FTP client) -----> A (NAT router) -----> B (FTP server)
```

Both A and B are using system 10.2.3. C is using Mac OS 9. I tried connecting to B from C using AFP and it worked. When I tried FTP, however, it didn't work. While the connection is being initiated, a dynamic rule is created on A. But this rule disappears as soon as C tries to get the file listing.

Since I am testing this on the LAN, the router only has one NIC. Could this be causing the problem?
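Added example, not part of the original post and not natd's own code: a sketch of why the broad `20,21` rule works and what a narrow per-transfer pinhole looks like instead. It reads an FTP control channel for `PORT` commands and `227` replies (RFC 959) and emits one ipfw rule per announced data endpoint, numbered from a base with a fixed count as in `-punch_fw 3001:50`. The addresses and the control-channel lines are constructed sample data.

```python
import re

# Six comma-separated numbers, as in "PORT h1,h2,h3,h4,p1,p2" and
# "227 Entering Passive Mode (h1,h2,h3,h4,p1,p2)" (RFC 959).
_HOSTPORT = re.compile(r"(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3})")

def parse_endpoint(line):
    """Return (ip, port) announced by a PORT command or 227 reply, else None."""
    text = line.strip()
    if not (text.upper().startswith("PORT ") or text.startswith("227 ")):
        return None
    m = _HOSTPORT.search(text)
    if not m:
        return None
    nums = [int(n) for n in m.groups()]
    if any(n > 255 for n in nums):  # reject malformed octets or port bytes
        return None
    return ".".join(str(n) for n in nums[:4]), nums[4] * 256 + nums[5]

def pinhole_rules(control_lines, server_ip, base=3001, count=50):
    """Build narrow ipfw rules for the data connections a session announces."""
    rules = []
    for line in control_lines:
        endpoint = parse_endpoint(line)
        if endpoint is None:
            continue
        if len(rules) >= count:  # stay inside the reserved rule-number range
            break
        ip, port = endpoint
        number = base + len(rules)
        if line.strip().upper().startswith("PORT "):
            # Active mode: the server connects from port 20 to the client's port.
            rules.append(f"add {number:05d} allow tcp from {server_ip} 20 to {ip} {port}")
        else:
            # Passive mode: the client connects to the port the server announced.
            rules.append(f"add {number:05d} allow tcp from any to {ip} {port}")
    return rules

# Constructed control-channel lines: client C = 10.0.0.3, server B = 10.0.0.2.
SAMPLE = [
    "USER anonymous",
    "331 Password required",
    "PORT 10,0,0,3,4,1",
    "200 PORT command successful",
    "227 Entering Passive Mode (10,0,0,2,200,10)",
]

if __name__ == "__main__":
    for rule in pinhole_rules(SAMPLE, "10.0.0.2"):
        print(rule)
```

Each generated rule names a single address and port pair, in contrast to the static rule that accepts any source on ports 20 and 21 to every non-privileged port.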