DMZ and FTP Out
-
Seems this problem still exist in 0.94.10… I can't FTP out even if I disable the ftp-helper for the DMZ (OPT1)...
And I've got the following stats:
self tcp 127.0.0.1:8022 <- 137.189.91.191:21 <- xx.xx.30.100:40899 CLOSED:SYN_SENT137.189.91.191 is a anonymous FTP that I connect to, xx.xx.30.100 is my server IP under bridged DMZ
Fixed in 0.95+
I've just tried to disable the ftp-helper for LAN and WAN interface too, but still cannot get this work… is there any other setting I need to do?
Thanks. -
Seems this problem still exist in 0.94.10… I can't FTP out even if I disable the ftp-helper for the DMZ (OPT1)...
And I've got the following stats:
self tcp 127.0.0.1:8022 <- 137.189.91.191:21 <- xx.xx.30.100:40899 CLOSED:SYN_SENT137.189.91.191 is a anonymous FTP that I connect to, xx.xx.30.100 is my server IP under bridged DMZ
Fixed in 0.95+
Do you still entries like: self tcp 127.0.0.1:8022 ??
I've just tried to disable the ftp-helper for LAN and WAN interface too, but still cannot get this work… is there any other setting I need to do?
Thanks. -
yup, I still got the
self tcp 127.0.0.1:8022 <- 137.189.91.191:21 <- xx.xx.30.100:40899 CLOSED:SYN_SENTin "Diagnostics: Show States" when I FTP out in DMZ server.
-
yup, I still got the
self tcp 127.0.0.1:8022 <- 137.189.91.191:21 <- xx.xx.30.100:40899 CLOSED:SYN_SENTin "Diagnostics: Show States" when I FTP out in DMZ server.
Then the FTP helper isn't being deactivated. Did you reboot after making the change?
-
Then the FTP helper isn't being deactivated. Did you reboot after making the change?
yes, had to reboot both pfsense and the server after made the change.
-
upgraded to BETA-1, and this problem still existing.
-
As you upgraded, can you try again with a fresh install and a from scratch recreated config without importing?
-
problem fixed after upgrade to 1.0-PREBETA2-BUG-VALIDATION-EDITION3
thank you! ;D -
oh no…
the problem haven't come out because the new option "Enable Filtering Bridge" was not checked, if I checked this option, the problem come back...tcp 127.0.0.1:8022 <- ftp.server.ip:21 <- ip.under.opt1:56357 CLOSED:SYN_SENT
tcp 127.0.0.1:8022 <- ftp.server.ip:21 <- ip.under.opt1:56360 CLOSED:SYN_SENT -
Add the rules to allow ftp to talk to localhost.