ftp behind firewall with internet sharing

QuadrupleJ

Registered
I have a beige G3 running Jaguar acting as an internet sharing server for the other Macs in the house. Connected to the beige G3 is an ADSL modem acting in bridged mode using the PPPoE settings in the network settings.

My problem is that when the firewall is enabled on the server (the beige G3), I cannot access FTP servers. When I disable the firewall I can access them normally. Passive mode is enabled on the server as well as on the other computers in the house.

Also, when accessing the same FTP sites directly from the server (not via internet sharing) they work even with the firewall on.

Does anyone have any thoughts or suggestions about how to solve this problem? Turning off the firewall every time anyone needs to use FTP isn't really cutting it right now.

Thanx.
 
You'll have to add a firewall rule to let port 21 and 20 incoming on the LAN side go through. With the firewall on it will block incoming requests for FTP from the LAN as well.
 
In the firewall window in Jaguar "FTP 20-21 or 1024-65535 from 20-21" ports are open. I don't know whether this is referring to the LAN side or not, it's just the default setting.
 
I'm not a networking expert, but it sounds like FTP problems that my friends were running into trying to get to MY FTP server. I had it set up behind a firewall (Linksys Router) with port 21 open for the server so that any FTP requests to our single IP would be forwarded to the server only. The firewall doesn't prevent any other computer on the network from accessing FTP servers over the Internet. However, some of my friends were having problems accessing my server and they thought it was my problem. It turned out that even with them trying passive/non-passive mode, they were going through proxy servers that would let the connection go out, but there wasn't any way for the data to get back to their computers to establish a connection, and their FTP clients would time out.

When you're using internet connection sharing, isn't that the same as having that computer act as a proxy-server? Maybe with the firewall turned on, it's one too many impasses for the FTP connection to deal with? Maybe the best thing would be just to invest in a DSL Router that supports PPPoE (which I know the Linksys do but I'm sure others do too) and connect your machines through it rather than through the G3.
 
Thanks for the reply, but I fixed the problem.

I found an old version of Brickhouse lying around and used that to configure the firewall. It gives a much finer level of control of the firewall rules. Anyway, it's set up to allow all outgoing connections and block all incoming connections on the PPPoE side. Internal network is open, but that's fine.

This way outgoing ftp connections on weird ports are allowed, where they weren't before.
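
The difference between the two setups in this thread, as an added example that is not part of any post: a simplified Python model that runs one passive-mode FTP session through each filter. Assumptions: the GUI label "20-21 or 1024-65535 from 20-21" is read literally as a stateless inbound rule, the Brickhouse policy recognises replies by tracking outbound flows, and all addresses and port numbers are constructed.

```python
# Added illustration: a simplified packet-filter model, not Jaguar's real ipfw ruleset.
from collections import namedtuple

# direction is relative to the external (PPPoE) interface: "in" or "out"
Packet = namedtuple("Packet", "direction src sport dst dport")

def literal_ftp_rule():
    """Assumed stateless reading of the GUI label '20-21 or 1024-65535 from 20-21'."""
    def allow(p):
        if p.direction == "out":
            return True
        to_ftp = 20 <= p.dport <= 21
        from_ftp = p.dport >= 1024 and 20 <= p.sport <= 21
        return to_ftp or from_ftp
    return allow

def outbound_only_policy():
    """Policy from the last post: all outgoing allowed, incoming connections blocked.
    Assumption: replies to flows opened from inside are recognised by state tracking."""
    flows = set()
    def allow(p):
        if p.direction == "out":
            flows.add((p.src, p.sport, p.dst, p.dport))
            return True
        return (p.dst, p.dport, p.src, p.sport) in flows
    return allow

def passive_ftp_session(allow):
    """Run a constructed passive-mode session through a filter; return the verdicts."""
    nat, srv, other = "203.0.113.10", "198.51.100.20", "192.0.2.99"  # documentation ranges
    steps = [
        ("control out", Packet("out", nat, 40001, srv, 21)),
        ("control reply", Packet("in", srv, 21, nat, 40001)),
        ("data out", Packet("out", nat, 40002, srv, 50123)),  # port the server chose for PASV
        ("data reply", Packet("in", srv, 50123, nat, 40002)),
        ("unsolicited in", Packet("in", other, 4444, nat, 6000)),
    ]
    return {name: allow(p) for name, p in steps}

if __name__ == "__main__":
    for label, make in (("literal rule", literal_ftp_rule),
                        ("outbound-only", outbound_only_policy)):
        print(label, passive_ftp_session(make()))
```

In this model the control channel passes under both filters, but the passive data reply arrives from a high server port and only the outbound-only policy lets it back in.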
 