[TriLUG] Firewall blues...

[Christopher Knowles]

OK, I've got an ipchains masquerading firewall.  

I need for two remote users to be able to ftp to a server that is, and must 
remain inside the firewall.

I've set up the rules to allow incoming ftp and ftp-data connections.

I've set up portforwarding to forward ftp and ftp-data connections to the 
firewall to that server.

Now, users Able and Baker...

Able is a newbie, and is naked on the internet, no protection, and he can ftp 
in just fine.  Everything is good.

Baker, he has a linux based ipchains firewall (and I've even used a Charlie 
with iptables to the same effect).  He can log into the ftp server, but when 
he tries to do a dir, pasv, or cd, get etc... it just hangs.  I can't find 
any reference to the packets soming in with the logs.  (Any way to log 
ipmasqadm?)

Any ideas?  I would like Baker (and Charlie) to be able to get in to the ftp 
server.

CJK