[cobalt-security] Problems with passive mode on proftpd behind firewall

["Jason Hird" <jason.hird@xxxxxxxxxxxxx>]

I have several customers who require FTP access to my RAQ4, however both our
RAQ, and the customer are behind firewalls.

I understand from reading the PROFTPD documentation that you should be able
to configure it to support passive mode transfers, and set a range of
passive ports, but I keep getting errors in the logs, and no data transfer:

i.e.

Jul 11 10:27:20 genesis proftpd[3755]: 10.1.0.46
(193.133.98.226[193.133.98.226]) - SECURITY VIOLATION: Passive connection
from 10.1.0.1 rejected.

If anyone could offer me any ideas on how to get around this problem, they'd
be most gratefully received.

Regards

Jason Hird
Smartways Technology Ltd

The information in this e-mail (which includes any 
files transmitted with it) is confidential and may 
also be legally privileged.  It is intended for the 
addressee only.  Access to this e-mail by anyone 
else is unauthorised.  It is not to be relied upon 
by any person other than the addressee except with 
our prior written approval.  If no such approval 
is given, we will not accept any liability (in 
negligence or otherwise) arising from any third 
party acting, or refraining from acting, on such 
information.  Unauthorised recipients are required 
to maintain confidentiality.  If you have received 
this e-mail in error please notify us immediately, 
destroy any copies and delete it from your computer 
system.  Any use, dissemination, forwarding, printing 
or copying of this e-mail is prohibited.  Copyright 
in this e-mail and any document created by us will 
be and remain vested in us and will not be transferred 
to you.  We assert the right to be identified as the 
author of and to object to any misuses of the contents 
of this e-mail or such documents.

Smartways Technology Ltd
1 Scirocco Close
Moulton Park
Northampton
NN3 6AP
Tel. +44(0) 1604 670 500