"No Route to Host" Error with FTP Transfers

Bob Perry rperry at gti.net
Sat Mar 25 20:49:15 UTC 2006


Hello,
Approximately 90%-95% of file transfers during portupgrade result in the 
error message "No route to Host".  If the file in question resides only 
on an ftp site, I disable the firewall in order to transfer the file in.

Yesterday, I resorted to commenting out the second of three IPNAT Rules 
in my /etc/ipnat.rules file, modeled after the Handbook version in 
section 25.5.21.1, and was able to complete the upgrade.  Not sure I 
would recommend this procedure, however... My rules follow:

  This rule will handle all the traffic for the internal LAN:
  map tun0 192.168.1.0/24 -> 0/32 proxy port 21 ftp/tcp

  This rule handles the FTP traffic from the gateway:
  map tun0 0.0.0.0/0 -> 0/32 proxy port 21 ftp/tcp

  This rule handles all non-FTP traffic from the internal LAN:
  map tun0 192.168.1.0/24 -> 0/32


If I was reading Ethereal correctly, packets/data returning from the ftp 
site made it to the gateway, 192.168.1.254, but couldn't make it to the 
host, 192.168.1.15.  The message was something like, "Host unreachable".

Admittedly, I have little knowledge or expertise in this matter and 
would appreciate your suggestions to help resolve this issue.  Do my 
rules follow protocol?  Are they accurate?

I built my IPF Firewall using the Handbook and reviewed most, if not 
all, of the recommended websites for more assistance and understanding.

Thanks,
Bob
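
An added example, not part of the message above and not IPFilter or Handbook code: a small Python model that parses the three quoted map rules and reports which one an outbound packet on tun0 would hit. It assumes rules are tested top-down with the first match winning, and it models only the rule match, not the data connections the FTP proxy sets up. The helper names and the gateway address 203.0.113.10 are constructed for illustration.

```python
import ipaddress
import re

# The three rules quoted in the message above, in file order.
RULES = """\
map tun0 192.168.1.0/24 -> 0/32 proxy port 21 ftp/tcp
map tun0 0.0.0.0/0 -> 0/32 proxy port 21 ftp/tcp
map tun0 192.168.1.0/24 -> 0/32
"""

RULE_RE = re.compile(
    r"^map\s+(?P<ifc>\S+)\s+(?P<src>\S+)\s+->\s+(?P<to>\S+)"
    r"(?:\s+proxy\s+port\s+(?P<port>\d+)\s+(?P<app>\w+)/(?P<proto>\w+))?\s*$"
)

def parse_rules(text):
    """Parse 'map' lines; blank lines and '#' comments are skipped."""
    rules = []
    for lineno, line in enumerate(text.splitlines(), 1):
        line = line.split("#", 1)[0].strip()
        if not line:
            continue
        m = RULE_RE.match(line)
        if m is None:
            raise ValueError(f"line {lineno}: unsupported rule: {line!r}")
        rules.append({"line": lineno, "ifc": m["ifc"],
                      "src": ipaddress.ip_network(m["src"]),
                      "port": int(m["port"]) if m["port"] else None,
                      "proto": m["proto"], "text": line})
    return rules

def first_match(rules, ifc, src, proto, dport):
    """First rule matching an outbound packet, or None (assumed first-match model)."""
    addr = ipaddress.ip_address(src)
    for r in rules:
        if r["ifc"] != ifc or addr not in r["src"]:
            continue  # wrong interface or source outside the rule's network
        if r["port"] is not None and (proto != r["proto"] or dport != r["port"]):
            continue  # proxy rule only applies to its protocol and port
        return r
    return None

if __name__ == "__main__":
    rules = parse_rules(RULES)
    # Constructed packets: LAN host and gateway, FTP control (21) and HTTP (80).
    for src, dport in [("192.168.1.15", 21), ("203.0.113.10", 21),
                       ("192.168.1.15", 80), ("203.0.113.10", 80)]:
        hit = first_match(rules, "tun0", src, "tcp", dport)
        print(f"{src} -> tcp/{dport}: {hit['text'] if hit else 'no map rule'}")
```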


