IPChains and FTP

From: Chris McGlasson (chrism@ics.cyclesonline.com)
Date: Sun Jan 09 2000 - 09:35:47 EST

Hello all,

I have just built a firewall utilizing IPChains and masquerading and
everything works great...everything but FTP that is. Basically my problem
is that when I try FTP'ing out to a remote site from a local workstation
behind the firewall, transfer rates are just DOG SLOW! When I try FTP'ing
to the firewall, transfer rates are DOG SLOW. When I try FTP'ing from the
firewall server itsellf, transfer rates are great.

The following syntax is what I am using within my firewall script:

$IPCHAINS -A output -p tcp -d 0/0 ftp -t 0x01 0x10
echo -n "..."

# Set ftp-data for maximum throughput
$IPCHAINS -A output -p tcp -d 0/0 ftp-data -t 0x01 0x08
echo -n "."

I was curious as to weather or not anyone else has experienced this same
type of issue and if so what are some different things I can try to
resolve the problems I am having? Any assistance you might be able to
provide would be greatly appreciated.

Best regards,

Chris McGlasson
Senior Systems Engineer
Lightspeed Technologies, Inc.
Email: cm@lightspeed.net
Voice: (661) 634-0694
Pager: (661) 321-8947

