System-config-securitylevel breaks passive FTP

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

During an upgrade from FC1 to FC2 I decided to add a firewall to one of our servers. I used the system-config-securitylevel tool to enable the firewall and allow through the services we need (ftp, http and ssh).

However, after enabling the firewall I found that ftp was broken. I could connect, but could not get directory listings or transfer files. Disabling the firewall caused everything to start working again.

Looking back through bugzilla I came across:

http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=111228

..which is exactly the problem I had, and enabling the ip_nat_ftp iptables module caused everything to work through the firewall again.

My question therefore is why is this not considered a bug?? Surely if someone selects to allow ftp traffic through their firewall then they should not need to make additional (and distinctly non-obvious!) changes to config files to actually allow it to work.


[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux