[SOLVED] Re: ftp and passive mode

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Thanks Doug,
I tried it and it worked fine. I think this probably it more secure than 
opening an entire range of ports on my firewall.

- Jeroen

On Tuesday 20 July 2004 12:36 pm, Doug Maurer wrote:
> On Tue, 2004-07-20 at 01:47, J.L. Coenders wrote:
> > I think that Doug made the mistake of not reading the replies to my
> > question, since I asked the same question quite recent. We are not the
> > same person.
> >
> > But Doug, can you post how your solution works? I now opened up a port
> > range in my firewall and I restricted vsftpd to those ports for passive
> > mode. But i now understand there is also another (better?) way to go.
> >
> > - Jeroen
>
> I put the following in two files. (they might be redundant, bu it works)
>
> /etc/modprobe.conf
> alias ip_conntrack ip_conntract_ftp ip_nat_ftp
>
> /etc/rc.local
>  /sbin/modprobe ip_conntract
> /sbin/modprobe  ip_conntrack_ftp
> /sbin/modprobe  ip_nat_ftp
>
> then rebooted
>
> > On Tuesday 20 July 2004 06:04 am, Edward wrote:
> > > Doug Maurer wrote:
> > > > I've asked this question before, but nothing has helped
> > > >
> > > > I'm trying to ftp out, I can log into a remote system (another FC2
> > > > system, mine, configured with vsftpd and NAT running.)
> > > >
> > > > on the local side I get
> > > > 227 Entering Passive Mode (x,x,x,x,80,76)
> > > > ftp: connect: No route to host
> > > >
> > > > I can log into another system like ftp.linux.ncsu.edu just fine.
> > > >
> > > > only thing is, its only this box, on the remote box I can ftp out to
> > > > another fc2/fc1, etc.. with no problem.
> > > >
> > > > the local box was just reloaded from scratch. with basic iptables
> > > > running.. with no local nat. and still get the error.
> > > >
> > > > does anyone have any idea, what might be causing this?
> > >
> > > Yes, the answers you got the first time you asked this will solve your
> > > problem.
> > >
> > > Instead of "Basic" iptables and all that you describe above, why don't
> > > you try (just temporarily) to run NO iptables whatsoever and see what
> > > that does?
> > >
> > > Seems logical to me.
> > >
> > > Regards,
> > > Ed.
>
> --
> Doug Maurer
> doug@xxxxxxxxxxx
> Linux user #299439



[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux