Subject: Re: ftp proxy working?
To: KAWAMOTO Yosihisa <kawamoto@es.osaka-u.ac.jp>
From: Bob Nestor <rnestor@augustmail.com>
List: current-users
Date: 10/04/1999 20:14:53
KAWAMOTO Yosihisa  (kawamoto@es.osaka-u.ac.jp) wrote:

>You should place the proxy line before the portmap line.
>
>`/usr/share/examples/ipf/mediaone' says:
># Make sure all the `proxy' lines are before any generic `portmap' lines, as
># the first match always wins.
>
>> In my ipnat.conf, I've this:
>> 
>> map fxp0 192.168.34.0/24 -> a.b.c.145/32 portmap tcp/udp 40000:60000
>> map fxp0 192.168.34.0/24 -> a.b.c.145/32
>> # To make ftp work, using the internal ftp proxy, use:
>> #
>> map fxp0 192.168.34.0/24 -> a.b.c.145/32 proxy port ftp ftp/tcp

Interesting and I'm not disputing the documentation or the recomendation. 
 What has me confused is this is my setup, and it works:

map sn0 192.168.1.1/28 -> 0.0.0.0/32 portmap tcp/udp 1025:65535
map sn0 192.168.1.1/28 -> 0.0.0.0/32
map sn0 192.168.1.1/28 -> 0.0.0.0/32 proxy port 21 ftp/tcp

I got this off some documentation about a year ago when I set my system 
up and it has never given me a problem.  Obviously the 0.0.0.0 IP address 
is dynamically updated when my link comes up.  The only difference I see 
between my setup and the non-working one is the tcp/udp port range.  
Could this be causing a problem?

-bob