Internally I can authenticate and view and transfer files to and from my FTP server, no problem. However, when connecting from outside the LAN through the monowall, I am able to authenticate, but that is all. I can neither view files when connecting through the monowall nor transfer them.
I have Inbound NAT set up to the internal IP and Firewall Rules corresponding to port 21. I have tried both Passive and Active mode. I have even tried modifying the Firewall Rules to allow any/any from any/any to this server with the same result. All other port/service connections to this server work without issues (SSH, HTTP, etc.).
The raw format of the _successful_ authentication looks like this in the logs:
22:17:03.366867 ng0 @200:7 p 66.146.160.25,2092 -> 10.0.0.9,21 PR tcp len 20 60 -S K-S IN
and the non-raw format looks like this:
22:17:03.366867 WAN 66.146.160.25, port 2092 10.0.0.9, port 21 TCP
All subsequent _unsuccessful_ FTP requests look like this in the raw logs:
22:22:08.557846 ng0 @0:22 b 66.146.160.25,1210 -> 99.178.210.194,9902 PR tcp len 20 60 -S IN
and like this in the non-raw logs:
22:22:08.557846 WAN 66.146.160.25, port 1210 99.178.210.194, port 9902 TCP
Notice the port numbers? These numbers do not remain constant either; each FTP transfer request will result in port numbers all over the place. What is up with the Monowall and FTP? And if it's just a port number issue, why didn't setting the Firewall Rules to any/any solve the problem?
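An added example, not part of the original post: a small parser for the raw log lines quoted above that picks out blocked inbound SYNs aimed at ports with no inbound NAT mapping, which is where FTP data connections (negotiated separately from the port 21 control channel) show up. The forwarded port set `{21}` is taken from the post; the function names are hypothetical.

```python
import re

# Field layout of the raw lines quoted in the post:
# time iface @group:rule action src,sport -> dst,dport PR proto len hdr pkt flags [K-S] IN|OUT
RAW = re.compile(
    r"(?P<time>\S+)\s+(?P<iface>\S+)\s+@(?P<group>\d+):(?P<rule>\d+)\s+(?P<action>\S)\s+"
    r"(?P<src>[\d.]+),(?P<sport>\d+)\s+->\s+(?P<dst>[\d.]+),(?P<dport>\d+)\s+"
    r"PR\s+(?P<proto>\S+)\s+len\s+\d+\s+\d+\s+(?P<tail>.+)$"
)

# The two raw lines from the post, verbatim.
POST_LINES = [
    "22:17:03.366867 ng0 @200:7 p 66.146.160.25,2092 -> 10.0.0.9,21 PR tcp len 20 60 -S K-S IN",
    "22:22:08.557846 ng0 @0:22 b 66.146.160.25,1210 -> 99.178.210.194,9902 PR tcp len 20 60 -S IN",
]

def parse_raw(line):
    """Return the fields of one raw log line as a dict, or None if it does not match."""
    m = RAW.match(line.strip())
    if m is None:
        return None
    rec = m.groupdict()
    tail = rec.pop("tail").split()
    rec["sport"], rec["dport"] = int(rec["sport"]), int(rec["dport"])
    rec["flags"] = tail[0]                 # TCP flags; "-S" is a bare SYN
    rec["keep_state"] = "K-S" in tail      # matching rule created a state entry
    rec["direction"] = tail[-1]            # IN or OUT
    rec["blocked"] = rec["action"] == "b"  # "p" = passed, "b" = blocked
    return rec

def blocked_unmapped_syns(lines, forwarded_ports):
    """Blocked inbound SYNs whose destination port has no inbound NAT mapping."""
    hits = []
    for rec in filter(None, map(parse_raw, lines)):
        if (rec["blocked"] and rec["direction"] == "IN" and rec["flags"] == "-S"
                and rec["dport"] not in forwarded_ports):
            hits.append(rec)
    return hits

if __name__ == "__main__":
    for rec in blocked_unmapped_syns(POST_LINES, forwarded_ports={21}):
        print(f'{rec["time"]} blocked SYN {rec["src"]}:{rec["sport"]} -> '
              f'{rec["dst"]}:{rec["dport"]} (rule @{rec["group"]}:{rec["rule"]})')
```

In the flagged line the destination address was never rewritten to the internal 10.0.0.9, so the packet was evaluated against the firewall's own address rather than against a rule for the server.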