netbsd-help: passive FTP ipnat problem

Subject: passive FTP ipnat problem
To: None <netbsd-help@netbsd.org>
From: Tomas D <u0giene@yahoo.com>
List: netbsd-help
Date: 04/24/2005 08:38:40
Hi,
I've got a sort of problem here, I'm trying to connect
to ftp server hdd.takas.lt the server allows
connections from *.takas.lt addresses only. So what
I'm doing is the following.
I set netbsd IPNAT(not sure if right though) on
machine(let's call it gateway) that can connect to
hdd.takas.lt. relevant ipnat.conf from gateway:

rdr pppoe0 from 0.0.0.0/0 to gateway port = 8080 ->
212.59.13.36 port 21
(where's gateway is IP address of my gateway machine,
212.59.13.36 is hdd.takas.lt)

so I do following from any machine that is allowed by
gateway to connect to any port > 1 :

-bash-3.00$ ftp -ad uogiene.no-ip.org 8080
Connected to uogiene.no-ip.org.
220-Microsoft FTP Service
    ftp_login: user `<null>' pass `<null>' host
`uogiene.no-ip.org'
---> USER anonymous
331 Anonymous access allowed, send identity (e-mail
name) as password.
---> PASS XXXX
230 Anonymous user logged in.
---> SYST
215 Windows_NT
Remote system type is Windows_NT.
---> FEAT
211-FEAT
    SIZE
    MDTM
211 END
features[FEAT_FEAT] = 1
features[FEAT_MDTM] = 1
features[FEAT_MLST] = 0
features[FEAT_REST_STREAM] = 0
features[FEAT_SIZE] = 1
features[FEAT_TVFS] = 0
---> PWD
257 "/" is current directory.
got remotepwd as `/'
ftp> cd incoming
---> CWD incoming
250 CWD command successful.
---> PWD
257 "/incoming" is current directory.
got remotepwd as `/incoming'
ftp> mget *
---> EPSV
'EPSV': command not understood
disabling epsv4 for this connection
---> PASV

 that's it... it just stops...
 so I'm trying to force connection to active mode (-A)
 
-bash-3.00$ ftp -adA uogiene.no-ip.org 8080
Connected to uogiene.no-ip.org.
220-Microsoft FTP Service
ftp_login: user `<null>' pass `<null>' host
`uogiene.no-ip.org'
---> USER anonymous
331 Anonymous access allowed, send identity (e-mail
name) as password.
---> PASS XXXX
230 Anonymous user logged in.
---> SYST
215 Windows_NT
Remote system type is Windows_NT.
---> FEAT
211-FEAT
    SIZE
    MDTM
211 END
features[FEAT_FEAT] = 1
features[FEAT_MDTM] = 1
features[FEAT_MLST] = 0
features[FEAT_REST_STREAM] = 0
features[FEAT_SIZE] = 1
features[FEAT_TVFS] = 0
---> PWD
257 "/" is current directory.
got remotepwd as `/'
ftp> cd incoming
---> CWD incoming
250 CWD command successful.
---> PWD
257 "/incoming" is current directory.
got remotepwd as `/incoming'
ftp> bin
---> TYPE I
200 Type set to I.
ftp> mget *
---> TYPE A
---> EPRT |1|192.168.100.201|63639|
'EPRT |1|192.168.100.201|63639|': command not
understood
disabling epsv4 for this connection
---> PORT 192,168,100,201,248,151
Invalid PORT Command.
---> NLST *

I don't know how to explain that, I'm not good at
IPNATTING, but as far as I understand ACTIVE
connection should work, unless it's not supported by
the server (which I think what it is...) so I'm
wondering how am I supposed to go about this problem?
thanks everyone for help.
few more lines from ipnat.conf
map pppoe0 0.0.0.0/0 -> 0.0.0.0/32 proxy port ftp
ftp/tcp
map pppoe0 0.0.0.0/0 -> 0.0.0.0/32 proxy port 80
ftp/tcp
map pppoe0 0.0.0.0/0 -> 0.0.0.0/32 proxy port 22
ftp/tcp
map pppoe0 10.1.1.0/24 -> 0.0.0.0/32 proxy port ftp
ftp/tcp
map pppoe0 192.168.0.0/24 -> 0.0.0.0/32 proxy port ftp
ftp/tcp
map pppoe0 192.168.0.0/24 -> 0/32 portmap tcp/udp
44000:49999 mssclamp 1440
map pppoe0 192.168.0.0/24 -> 0/32 mssclamp 1440
map pppoe0 10.1.1.0/24 -> 0/32 portmap tcp/udp
44000:49999 mssclamp 1440
map pppoe0 10.1.1.0/24 -> 0/32 mssclamp 1440
map pppoe0 82.35.69.115/21 -> 0.0.0.0/32 proxy port
ftp ftp/tcp
map pppoe0 82.35.69.115/21 -> 0/32 portmap tcp/udp
44000:49999 mssclamp 1440
map pppoe0 82.35.69.115/21 -> 0/32 mssclamp 1440


__________________________________________________
Do You Yahoo!?
Tired of spam?  Yahoo! Mail has the best spam protection around 
http://mail.yahoo.com