# How to share some large files from FreeBSD to Windows?



## fender0107401 (May 20, 2011)

I have two computers; one run FreeBSD and one run Windows.

These two computers share one static IP account by using a router, which provides a DHCP service.

Now, I have to copy some large files from FreeBSD to Windows and I don't know how.

I built an anonymous FTP server on FreeBSD (ip:192.168.1.101), but I found Windows (ip:192.168.1.100) can't access it.

The IPFW rule set is as follows:


```
################################################################################
# delete all rules
ipfw -q -f flush
# variable declaration
nic="re0"
dns1="my dns 1"
dns2="my dns 2"
dhcp="192.168.1.1"
cmd="ipfw -q add "
ks="keep-state"
################################################################################
# loopback
$cmd 00100 allow all from any to any via lo0
$cmd 00200 check-state
################################################################################
# dns
$cmd 00300 allow tcp from me to $dns1 53 out via $nic setup $ks
$cmd 00400 allow udp from me to $dns2 53 out via $nic $ks
$cmd 00500 allow tcp from me to $dns1 53 out via $nic setup $ks
$cmd 00600 allow udp from me to $dns2 53 out via $nic $ks
# dhcp
$cmd 00700 allow udp from me to $dhcp 67 out via $nic $ks
################################################################################
# www
$cmd 00800 allow tcp from me to any 80 out via $nic setup $ks
# secure www
$cmd 00900 allow tcp from me to any 443 out via $nic setup $ks
# email
$cmd 01000 allow tcp from me to any 587 out via $nic setup $ks
$cmd 01100 allow tcp from me to any 995 out via $nic setup $ks
# irc
$cmd 01200 allow tcp from me to any 7000 out via $nic setup $ks
# ftp

[color="Red"]
$cmd 01300 allow tcp from any to any 21 out via $nic setup $ks
$cmd 01400 allow tcp from any to any 1024-65535 out via $nic setup $ks
[/color]

# ntp
$cmd 01500 allow udp from me to any 123 out via $nic $ks
# csup
$cmd 01600 allow tcp from me to any out via $nic setup $ks uid root
################################################################################
```

What I still have to do?


----------



## fender0107401 (May 20, 2011)

Done. :e


```
$cmd 01300 allow tcp from 192.168.1.100 to me 21 in via $nic setup $ks
$cmd 01301 allow tcp from me to 192.168.1.100 out via $nic setup $ks

$cmd 01400 allow tcp from 192.168.1.100 to me 1024-65535 in via $nic setup $ks
$cmd 01401 allow tcp from me to 192.168.1.100 1024-65535 out via $nic setup $ks
```


----------



## _martin (Jul 23, 2011)

Though I use PF and it's some time I used ipfw, it seems to me you kind of just allowed practically all tcp traffic to this host. 

I guess you have default deny for both directions - egress/ingress. Wouldn't it be just easier to allow all traffic to this host then ?


```
ipfw add <N> allow ip from me to $WINDOWS out
ipdw add <N+1> allow ip from $WINDOWS to me in
```

You are practically doing it anyway..


----------



## SirDice (Jul 25, 2011)

FTP is notoriously tricky to firewall.

Active FTP vs. Passive FTP, a Definitive Explanation


----------

