Shane Hathaway wrote:
Kent Polk wrote:
If we could simply solve this problem by replacing our active ftp clients with passive ones, it would be great, but it still doesn't solve the problem of clients *elsewhere* which are running behind a firewall and attempting to contact our server...
One possible way to solve this is to use an FTP proxy. A quick search at freshmeat.net yielded:
Now this gets really convoluted... :^( We have it up and running, but user/permissions/role translation quickly turns into a really bad nightmare. Why can't root launch ZServer and have port 20 permissions? jftpgw has to do that to have active ftp work anyway. Why add yet another Point of Entry/Confusion? As I mentioned earlier, why not have it respond on port 20 if it has permissions, otherwise respond via high port#?? What am I missing here?