Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    FTP seeing router IP

    General pfSense Questions
    3
    3
    1549
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • S
      StuartPM
      last edited by

      Hi all,

      I've got an FTP server on my network. I've enabled the ftp helper on the WAN and opened up port 21 with fpSense which seems to work fine. Passive mode works on a random ports etc.

      The problem is, my FTP server software is seeing every incoming connection as coming from the router's IP rather than the clients IP. This doesn't stop it working its just that I can't implement any anti-hacking measures such as blocking IP's with failed logins etc.
      Am I setting things up wrong or is this how it worked when using the FTP helper? If I just open the port ranges for passive mode instead of using the helper will this give the the client IP's?

      BTW, I'm asking because I've been monitoring some idiot attempting to brute force access my FTP by logging in as Administrator with over 5000 random passwords! Quite amusing, especially since there is no user Administrator. But after a while if just got annoying and I wanted to block him  >:(

      Stu

      1 Reply Last reply Reply Quote 0
      • T
        trendchiller
        last edited by

        If it's coming from a single ip, just block it in the firewall-rules…
        or try using snort for this one...

        1 Reply Last reply Reply Quote 0
        • S
          sullrich
          last edited by

          This is normal the FTP helper does all of the work on behalf so it comes from the firewalls ip.  This has been covered before in the forum.

          1 Reply Last reply Reply Quote 0
          • First post
            Last post