netbsd-users: Re: Problem with Window 2000->IE 5.5->ftp://ftp.netbsd.org and IPF

Subject: Re: Problem with Window 2000->IE 5.5->ftp://ftp.netbsd.org and IPF
To: Ian Cooper <ian@WPI.EDU>
From: David Maxwell <david@vex.net>
List: netbsd-users
Date: 11/27/2001 13:33:22

On Tue, Nov 27, 2001 at 12:59:06PM -0500, Ian Cooper wrote:
> An additional note is that I was using the standard windows
> commandline FTP client.

The Windows' command line FTP client doesn't support PASV transfers,
which can be a problem - NetBSD's ftp defaults to PASV, which can make
the two systems behave differently (in the client role), though it would
be the ipf configuration that was lacking. If you supplied your ipf
rules people might be able to suggest if there are any problems with
them.

I don't see any mention of NAT below, just a 'subnet block', which would
sound like a purely routed setup.

							David


> On Tue, 27 Nov 2001, Ian Cooper wrote:
> 
> // Date: Tue, 27 Nov 2001 12:57:33 -0500 (EST)
> // From: Ian Cooper <ian@WPI.EDU>
> // To: Gerald C. Simmons <simmons@darykon.cet.com>
> // Cc: netbsd-users@netbsd.org
> // Subject: Re: Problem with Window 2000->IE 5.5->ftp://ftp.netbsd.org and
> //     IPF
> //
> // // Has anyone run into this problem?
> //
> // Yes.
> //
> // // I have a DSL link with an assigned IP subnet block from my ISP. I'm using a
> // // NetBSD machine as a router/firewall using IPF. I have the following machines
> // // as clients, Windows 2000, Windows NT 4.0, Windows ME, and Linux.
> //
> // I had a similar setup at my place of employment with a Linux-based
> // router (using ipchains) and Windows clients.
> //
> // // I noticed recently, that when I use IE 5.5 on my Windows 2000 machine to go
> // // into ftp.netbsd.org via www.netbsd.org, something happens and the ftp packets
> // // back to my Windows 2000 machine get blocked.
> //
> // I noticed the same behavior with all of the Windows clients.  I was
> // able to work around that by logging into the router first, downloading
> // whatever locally there, and then using ftp from windows to the router
> // to get stuff from there.  Since then, we have replaced the router with
> // a higher-powered Windows 2000 Server system that also acts as a file
> // server.  Now ftp works fine from all machines.
> //
> // --
> // Ian Cooper
> // ian@wpi.edu
> //
> //
> 

-- 
David Maxwell, david@vex.net|david@maxwell.net --> Mastery of UNIX, like
mastery of language, offers real freedom. The price of freedom is always dear,
but there's no substitute. Personally, I'd rather pay for my freedom than live
in a bitmapped, pop-up-happy dungeon like NT. - Thomas Scoville