Am Mo, den 29.12.2003 schrieb Krikket um 06:38: > On Tue, 30 Dec 2003, Sturla Holm Hansen wrote: > > > Sounds like a firewall-problem to me, I had the same when setting up > > iptables for the first time, the sollution for me was to open for > > outgoing connections on ports above 1024 and incoming > > RELATED/ESTABLISHED on the same ports. > > The problem is that the ftp-server doesn't communicate on the designated > > ftp port, it just sets up the session there and then tells your client > > what port to connect to. > > Don't know if this solves it for you, but that was the sollution when I > > had the exact same problem. > > Does that mean that some FTP clients are smarter than others, and can work > around the firewall? No, a firewall which earns her name has always the control over all connections. Using FTP you can't bypass. > Hrm. When I get home, I'll have to poke around with it. While I can work > the firewall via lynx, it's a bit kludgy, and I'm not sure what I'm > doing... Better to play it safe... FTP works different than many other protocols as you have 2 port-port connections: one control connection and one data connection. Depending on the mode - active or passive mode - there are different ports needed and the negociation is handled different. For an lucent explaination see: http://slacksite.com/other/ftp.html Again, I would recommend you set you FTP client into active mode. Clients handle this different by default. > Krikket Alexander -- Alexander Dalloz | Enger, Germany PGP key valid: made 13.07.1999 PGP fingerprint: 2307 88FD 2D41 038E 7416 14CD E197 6E88 ED69 5653
Attachment:
signature.asc
Description: Dies ist ein digital signierter Nachrichtenteil
