
AW: How configure firewall with ftp



I had this problem too. The control channel is working and the data
channel of ftp is blocked.

I always thought that ftp control channel tcp 21 towards the server and
data channel tcp 20 towards the client in case of active ftp is common
rfc compliant behaviour of all ftp servers.

But some seem to answer on arbitrary ports, as I could see in the log
files.
Are those servers sick or is that behaviour normal?

How is iptables connection tracking for ftp supposed to deal with the
backwards initiated ftp data connections - active ftp - and in case of
answering on arbitrary ports?

Did you tcpdump the connection initiation process?

Erik 

>Hi all
>
>I have configured an iptables firewall (2.4 Kernel). It
>has allowed any service from inside and only ssh and
>mail from outside.
>
>My problem is, from inside I can not ftp to an outside
>server.
>
>When I type the ftp command it prompts for username and
>password, but I can not get "ls" output.
>
>It gives
>
>550 Permission denied
>425 use PORT or PASV first
>
>
>I hope for your help
>
>
>Thank You
>
>Champaka
>
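
Added example, not part of the original thread and not kernel code: a Python sketch of the job an FTP connection-tracking helper has to do, which is to read the PORT command (active mode) or the 227 reply (passive mode) on the control channel and derive the data connection to expect. The function names, the address check policy and the sample lines are constructed for illustration.

```python
import re
from typing import NamedTuple, Optional, Tuple

class Expectation(NamedTuple):
    mode: str            # "active" or "passive"
    listener_ip: str     # host that will accept the data connection
    listener_port: int   # port announced on the control channel
    initiator_ip: str    # host that will open the data connection

# RFC 959 host-port form: h1,h2,h3,h4,p1,p2 (port = p1 * 256 + p2)
_HOSTPORT = re.compile(r"(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3})")

def _decode(text: str) -> Optional[Tuple[str, int]]:
    m = _HOSTPORT.search(text)
    if not m:
        return None
    nums = [int(x) for x in m.groups()]
    if any(n > 255 for n in nums):
        return None
    return ".".join(str(n) for n in nums[:4]), nums[4] * 256 + nums[5]

def expect_data_connection(line: str, client_ip: str,
                           server_ip: str) -> Optional[Expectation]:
    """Return the data connection one control-channel line announces, or None."""
    line = line.strip()
    if line.upper().startswith("PORT "):      # sent by the client
        mode, sender, peer, arg = "active", client_ip, server_ip, line[5:]
    elif line.startswith("227 "):             # sent by the server
        mode, sender, peer, arg = "passive", server_ip, client_ip, line[4:]
    else:
        return None
    decoded = _decode(arg)
    if decoded is None:
        return None
    ip, port = decoded
    # Policy of this example: only accept an announcement for the sender's own
    # address, so a crafted line cannot open a path to a third host.
    if ip != sender or port == 0:
        return None
    return Expectation(mode, ip, port, peer)

if __name__ == "__main__":
    # Constructed control-channel lines (documentation/private addresses).
    for sample in ("USER anonymous",
                   "PORT 192,168,1,10,195,80",
                   "227 Entering Passive Mode (203,0,113,5,156,64)"):
        print(sample, "->", expect_data_connection(sample, "192.168.1.10", "203.0.113.5"))
```

On an iptables firewall, a packet that matches such an expectation is what the `RELATED` state refers to, and it is only recognised when the FTP helper module (`ip_conntrack_ftp` on 2.4 kernels) is loaded.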


