ipchains * static nat * FTP

["Keith.Morgan" <Keith.Morgan () Terradon com>]

I have a customer running an ipchains based firewall.  Using ipmasqadm
portfw we're doing static NAT to a webserver behind the firewall with
private address space.  I've been searching around the net for some time
trying to figure out how to open up FTP to a translated host behind the
firewall.  And before you ask, yes the ip_masq_ftp.o module is loaded on the
firewall, but this seems to only work for masqueraded hosts behind the fw
making ftp connections out to the internet.  Reversing the process (without
masq) doesn't seem to work.  The ftp server behind the firewall does *NOT*
support passive mode file transfer.

Is ipmasqadm portfw the wrong way to go with this?  Is ipmasqadm autofw the
way to go?  I could use references to good documentation on the use of both
portfw and autofw regardless of a solution to this problem.    

Anyone have a pointer or reference?  Or just example command syntax that
would allow this?  Is is possible at all?

Thanks in advance for your help.

Keith T. Morgan
Chief of Information Security
Terradon Communications
keith.morgan () terradon com
304-755-8291 x142

_______________________________________________
firewall-wizards mailing list
firewall-wizards () nfr com
http://www.nfr.com/mailman/listinfo/firewall-wizards