Subject: Re: ipnat ftp proxy fix yet? (ever?)
To: roberto <>
From: Manuel Bouyer <>
List: tech-net
Date: 10/28/2004 18:03:27
On Thu, Oct 28, 2004 at 04:35:03PM +0200, roberto wrote:
>  Manuel Bouyer:
> > I'm not sure passive ftp would work though NAT without the proxy.
> > At last the source address, and possibly the source port, need to be
> > translasted in the PORT command.
> >
> (actually I did not follow the entire discussion...)
> but according to me passive ftp should work with only ipnat:
>  client -----> NAT box ------> FTP server
> All the connection originate from the client (using the passive mode) and
> this is sufficient to establish the FTP-CTRL and FTP-DATA connection: in
> the passive mode is the server that publicize its IP and port number not
> the client behind the NAT.
> Tell me if I'm forgot something.

The client's IP appear in the PORT command, so that the server can
bind the data socket to accept this IP only.

Manuel Bouyer <>
     NetBSD: 26 ans d'experience feront toujours la difference