Re: IP MASQUERADING broken again from v1.3.81 onwards

Jos Vos (
Fri, 05 Apr 1996 13:42:36 +0200

> But all the kernel versions 1.3.8[1-4] seem to have broken the
> masquerading code. I can open certain connections like telnet, http etc,
> but while ftp the data connections do not seem to be getting established.
> I can watch the connections with
> ipfwadm -M -l -n
> which lists the ports and I have never seen port 20 anytime in these
> kernel versions.
> Has this something got to do with the recent reorganization of the
> masquerading code ? It looks so, because if I disable masquerading, IP
> forwarding as such is working cleanly.

The protocol-dependent masquerading code, supporting ftp and irc,
respectively, is now compiled as two separate modules. You have
to load the ftp module to use the ftp-specific code. I didn't try
it (yet), but that's what I read in the accompanying documentation
(being the Makefile and the C sources :-)).

--    Jos Vos <>
--    X/OS Experts in Open Systems BV   |   Phone: +31 20 6938364
--    Amsterdam, The Netherlands        |     Fax: +31 20 6948204