Hi,

I am tired of trying to find out why my ftp client behind my gateway is 
not able to talk to ftp servers. The gw is xen domU, client is in dom0. 
The "230-" should be the start of a reply to a successful PASSword 
command, it's too early to even talk about passive or active session ...

Sample of a sessin (after the "230-" the connection hangs for a while):
$ ftp -a ftp.netbsd.org
Trying 2001:4f8:4:7:2e0:81ff:fe21:6563...
ftp: connect to address 2001:4f8:4:7:2e0:81ff:fe21:6563: No route to host
Trying 204.152.190.13...
Connected to ftp.netbsd.org.
220 ftp.NetBSD.org FTP server (NetBSD-ftpd 20050303) ready.
331 Guest login ok, type your name as password.
230-

421 Service not available, remote server timed out. Connection closed
ftp: Login failed.
ftp>

/etc/ipnat.conf:
map xennet1 10.0.0.0/24 -> xx.xx.xx.xx/32 proxy port ftp ftp/tcp
map xennet1 10.0.0.0/24 -> xx.xx.xx.xx/32 portmap tcp/udp 10000:20000
map xennet1 10.0.0.0/24 -> xx.xx.xx.xx/32

Thank you for any hint.

r.