FTP proxy and IP problems

fouinix

Hi all,
I setup my pfsense to allow ftp to my ftp server in my lan :  wan=>LAN
I used the FAQ http://wiki.pfsense.com/wikka.php?wakka=IncomingFTPHowTo
But I still have a problem, with the ftphelp, I don't have the IP address of the people who are connected on my ftp but I have the IP of the lan interface.
Here for example :
With ftphelper and working :

Apr  9 10:57:42 debian pure-ftpd: (?@192.168.1.254) [INFO] toto is now logged in

Without ftphelper and doesn'tworking :

Apr  9 11:34:01 debian pure-ftpd: (?@AMontpellier-157-1-###-134.w90-14.abo.wanadoo.fr) [INFO] toto is now logged in

Does anyone have an idea to keep the IP ?
A few month ago, I reach to keep the IP and the FTP works successfull, but I don't remember how I done this.

fouinix

When I activate ftp helper, I have this in my system log :

Apr 9 14:00:22 	pftpx[12222]: pftpx exiting on signal 0
Apr 9 14:00:22 	pftpx[12222]: pftpx exiting on signal 0
Apr 9 14:00:22 	pftpx[12222]: event_dispatch error: Operation not supported by device
Apr 9 14:00:22 	pftpx[12222]: event_dispatch error: Operation not supported by device
Apr 9 14:00:22 	pftpx[12222]: listening on 127.0.0.1 port 8021
Apr 9 14:00:22 	pftpx[12222]: listening on 127.0.0.1 port 8021
Apr 9 14:00:22 	php: : Config: AON rule matched for interface LAN - using FTP proxy

aldo

(1) when using an incoming ftp server you would be best to disable the ftp helper on the interface in question.
(2) pure ftpd can use passive ftp where you set a port range 3000-3500 and you forward those ports along with port 21 on to the server.
(3) most ftp servers allow you to work with nat by allowing a field to enter the public ip address in the ftp server startup script to allow for better translation.
(4) first thing to do is get your ftp server working correctly without nat then add the nat specific stuff into ftp server configuration and firewall after the thing is working.

good luck