Thank you....
Your reply was very welcome. And it actually cleared up a few questions that I had. Thank you.
I have removed the -b option so now the ftp-proxy command looks like this:
ftp-proxy -d -D7 -v -p 8022 -R 192.168.0.101 -P 21 -r
While I stated that [begin whine mode] I don't understand why this isn't working [/end whine mode], I actually do understand that the syntax and commands have changed. I know that the old rule-set won't work as a copy/paste. I was just trying to express some frustration, and I am sorry that I took it out on you.
As best I can tell the communication between server & client is failing after the client logs in, and the server tries switching to a new port (PASV mode).
[code]
#4 client: PASV\r\n
#4 server: 227 Entering Passive Mode (50,115,176,101,126,164).\r\n
#4 passive: client to server port 32420 via port 50220
#4 proxy: 227 Entering Passive Mode (50,115,176,101,196,44)\r\n
#4 client: LIST\r\n
[/code]
Is it possible that the client isn't getting this data? Am I missing a "pass out ALL" style statement in my pf.conf?
In the client I see this message:
[code]
227 Entering Passive Mode (50, 115,176,101,214,39)
LIST
[/code]
So the client is getting the information, and trying to connect, but the firewall isn't allowing the new connection.
Update:
While using FileZilla I get a new error that I haven't seen before.
[code]
Command: PWD
Response: 257 "/" is the current directory
Command: PORT 192,168,1,125,127,38
Response: 200 PORT command successful
Command: MLSD
Response: 425 Unable to build data connection: Connection refused.
Error: Failed to retrieve directory listing.
[/code]
Last edited by bsd_matt; 12th December 2013 at 07:24 PM.
Reason: added client information && FileZilla error.
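
Added example, not part of the original post: the six numbers in a 227 reply or a PORT command encode an IPv4 address plus a port computed as p1*256+p2 (RFC 959). This Python sketch decodes the lines quoted in the post to show which address and port each data connection would use, and whether the advertised address is private (RFC 1918). The function names are hypothetical; the sample lines are copied from the post above.

```python
import ipaddress
import re

# Six comma-separated decimal fields: h1,h2,h3,h4,p1,p2 (spaces tolerated).
TUPLE_RE = re.compile(r"\s*,\s*".join([r"(\d{1,3})"] * 6))


def decode_endpoint(line):
    """Return (ip, port, is_private) from a 227 reply or PORT command, else None."""
    m = TUPLE_RE.search(line)
    if not m:
        return None
    nums = [int(n) for n in m.groups()]
    if any(n > 255 for n in nums):
        return None  # not a valid host/port tuple
    ip = ipaddress.IPv4Address(".".join(str(n) for n in nums[:4]))
    port = nums[4] * 256 + nums[5]
    return str(ip), port, ip.is_private


def data_endpoints(lines):
    """Classify each line as PASV (server listens) or PORT (client listens)."""
    found = []
    for line in lines:
        if "227 " in line:
            kind = "PASV"
        elif "PORT " in line:
            kind = "PORT"
        else:
            continue
        decoded = decode_endpoint(line)
        if decoded:
            found.append((kind,) + decoded)
    return found


# Lines copied from the post above (proxy debug log and client output).
SAMPLE = [
    r"#4 server: 227 Entering Passive Mode (50,115,176,101,126,164).\r\n",
    r"#4 passive: client to server port 32420 via port 50220",
    r"#4 proxy: 227 Entering Passive Mode (50,115,176,101,196,44)\r\n",
    "227 Entering Passive Mode (50, 115,176,101,214,39)",
    "Command: PORT 192,168,1,125,127,38",
]

if __name__ == "__main__":
    for kind, ip, port, private in data_endpoints(SAMPLE):
        note = " (private address)" if private else ""
        print(f"{kind}: data connection to {ip}:{port}{note}")
```

The decoded ports for the first two 227 lines match the "client to server port 32420 via port 50220" line in the proxy log, which is the port rewrite ftp-proxy performs.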