[nzlug] FTP problem
Richard Dingwall
rdingwall at gmail.com
Sat Jan 13 13:59:12 NZDT 2007
On 1/12/07, anru chen <ctx2002 at gmail.com> wrote:
> finally found what problem was, it was caused by firewall rules.
>
> seems like firefox ftp client implementation is different than my
> debain command line
> ftp client which probably a BSD style ftp client.
>
> the problem is , ftp has a feature called Passive FTP, we need to
> allow it so some ftp clients will connect to FTP server without
> problem.
Note PASV is for opening data connections (eg dir listing or file
transfers) when a user is already logged in. It will have no effect on
a user's ability to connect.
>
> the firewall rule as below:
>
> iptables -A INPUT -i eth0 -p tcp -s any/0 --sport 1024:65535 --dport
> 1024:65535 -j ACCEPT
>
> so to enable passive FTP, we must allow ftp server to listen on the
> unprivileged port.
>
> regards,
>
> anru
>
> On 1/12/07, Mark Foster <blakjak at blakjak.net> wrote:
> >
> >
> > On Fri, 12 Jan 2007, Daniel Lawson wrote:
> >
> > > Mark Foster wrote:
> > >> Check you have valid forward/reverse DNS and that the FTP server can
> > >> find them; else, check DNS checks are disabled...
> > >>
> > >> Else, run a packet capture (Ethereal or similar) and identify at what
> > >> point it is failing...
> > >
> > > Checking the FTP server logfiles would be a good start too.
> >
> > yes, that too. Sorry, figured that'd have been done early on in the piece
> > - my bad...
> >
> >
> > _______________________________________________
> > NZLUG mailing list NZLUG at linux.net.nz
> > http://www.linux.net.nz/cgi-bin/mailman/listinfo/nzlug
> >
>
> _______________________________________________
> NZLUG mailing list NZLUG at linux.net.nz
> http://www.linux.net.nz/cgi-bin/mailman/listinfo/nzlug
>
More information about the NZLUG
mailing list