Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email firstname.lastname@example.org
From: Peter H. Lemieux (phlcyways.com)
Date: Fri Sep 28 2001 - 15:35:24 CDT
Craig Holmes wrote:
> Note that if your firewall is NAT, and your ftp server is on an internal
> computer, and you attempt to forward the port using a program such as
> ipmasqadm, it will not work.
I've successfully used the FTP proxy from SuSE for this task:
Here's an excerpt from its man page:
FTP-Proxy acts as an application level gateway between FTP clients
and servers. Its main purpose is to secure local FTP servers
against possibly insecure clients or malicious attacks. FTP-Proxy
is believed to be immune against current known attacks based on the FTP
FTP-Proxy can be started from the inetd (or xinetd, or any other)
internet super daemon or executed on its own as a standalone
daemon, in which case it will fork child processes to handle
connections. The behaviour depends on the ftp-proxy.conf(5)
configuration option ServerType or the -i and -d command line
switches, where the latter two take precedence.
FTP-Proxy features a rich set of auditing and command restriction
capabilities and is specifically suited for deployment in firewall
You don't need to be running a SuSE distribution; the package compiles
with ./configure; make install.
PS: I hate lists where replies go to the poster and not the list!