|
On Tue, May 01, 2001 at 09:08:49AM -0400, Joseph Mack wrote:
> Wenzhuo Zhang wrote:
> >
> > Yes. We can actually get ftp to work in NAT mode without using the
> > ip_masq_ftp module. The trick is to tell the real ftp servers to use
> > the VIP as the passive address for connections from outside; e.g. in
> > wu-ftpd, add the following lines to the /etc/ftpaccess:
> >
> > passive address RIP <localnet>
> > passive address 127.0.0.1 127.0.0.0/8
> > passive address VIP 0.0.0.0/0
> >
> > Of course, the ftp virtual service has to be persistent port 0.
>
> I get it to work without persistence
How did you make it? I don't think it's possible if the client is
using passive transfer mode. In passive mode a separate connection
will be initiated by the ftp client on each data tranfer; so the
virtual service needs to be persistent anyway.
--
Wenzhuo
|
