Firewall/NAT

Hey, Y'all

I got active ftp working by opening both port 20 and 21 on the m0n0wall. but how do i do passive ftp. i read somewhere that it uses a whole bunch of ports like 1024 and up or something like that. is that true and how would i port for ward that because it gives me to and from port for remote but not for local.

-Thanks

~J~

Hey, Y'all

I got active ftp working by opening both port 20 and 21 on the m0n0wall. but how do i do passive ftp. i read somewhere that it uses a whole bunch of ports like 1024 and up or something like that. is that true and how would i port for ward that because it gives me to and from port for remote but not for local.

-Thanks

~J~

Open up ports 1024 to 1100 for example, forward to your FTP server. On the FTP server, it needs to have it's response IP be the same as your m0n0wall IP and restrict it's passive port range to just the ones you opened up and forward (for example, the 1024 to 1100 for example).

Unless you are operating a massive FTP server, you don't need thousands of ports forwarded to your FTP.

ok so should each of those ports be a different rule becasue i dont know how to port forward more than one port with one rule. i know you can set the to and from ports in the wan but it doen't have to and from in the local.

so should they be different rules?

ok so should each of those ports be a different rule becasue i dont know how to port forward more than one port with one rule. i know you can set the to and from ports in the wan but it doen't have to and from in the local.

so should they be different rules?

The port range will follow, the destination port just starts the same as the port forward (example, port 1024 to 1100, the destination port starts at 1024 and m0n0wall takes care of the rest of the range)