IP Masq and FTP

IP Masq and FTP

Post by Chris Tyle » Fri, 09 Jan 1998 04:00:00

I've recently installed an old 386 as an IP Masq machine on my
home-office LAN. It's working very well (especially considering the age
of the hardware!) but I'm having varied success with FTP (using the
required module). It seems that I can reliably connect to all sites on
the command channel, I can't use the data channel on some particular
sites (it's reliably the same sites). I noticed that this is mentioned
in the IP-Masq HOWTO but I can't find any information about *why* this
happens, and if a workaround is available. Can anyone enlighten me?


Global Proximity Corporation      http://Global.Proximity.ON.CA/
Internet and Computer Consulting  (519) 469-3439 / fax (519) 469-8653


1. IP Chains / IP Masq FTP Problem

I've used IP masquerading via ipfwadm for about two years now with
great success.  I just set up a new gateway for a cable modem, and I
decided to try IP Chains instead.  I downloaded the source and the
2.0.34 patch, and I applied it to my 2.0.36 kernel.  I spent some time
creating a firewall script, and everything seemed to work great!  Or
so I thought.

I tried to use ftp - I would log on to a remote host, and as soon as I
tried a command like ls or get, I would lose my connection.  I then
realized that I forgot to load the ip_masq_ftp module.  I loaded it
and everything seemed to work great again... or so I thought.

I tried to use LiveUpdate for Norton Utilities and Norton Antivirus on
my Win95 machines.  I would connect to the Symantec ftp site, but
would then lose the connection through the LiveUpdate software.  I
tried to connect to the ftp site manually, but when I would try the ls
or get commands, I would lose my connection (just as I wrote above).

I re-installed ipfwadm (a new kernel), and the problem went away.  I
like IP Chains because it seems more flexible, but I need to be able
to update my Norton Utilities and my virus definistions.

I tried compiling different kernels with the IP Chains patch, but I
couldn't solve the aforementioned problem.  I've even loaded every
ip_masq* module, but I cannot correct this problem.

Does anyone know what's going on, and how I can fix it?  I've tried to
find other IP Masquerading tools, but everything that I see mentions


2. Securing my server...newbie

3. IP Masq'd Workstation to connect to IP Masq'd Workstation

4. DIFF command

5. IP Masq - Specify IP to Masq as?

6. Memory mapping a device PLEASE HELP!!!!

7. Configuring net (IP-tunnel, IP-Alias, Proxy-ARP, NAT, IP-Masq?)

8. HELP --- Good Modem, Bad user =)

9. IP-Masq and FTP problems

10. FTP problems with IP Masq

11. FTP from behind IP Masq ??

12. IP masq ftp's hang at 100 percent a possible solution

13. IP Masq and ftp help needed