Re: ftp can build data connection - masquerading problem?
On Mon, 30 Aug 1999, Guilherme Soares Zahn wrote:
) Hi there,
) Lately I've been facing a strange and very annoying problem... When
) I try to do FTP from a site, it will almost surely drop my connection
) out when I try to build a data connection (either through a 'get',
) 'retr' or just a harmless 'dir') with a message like:
) ftp> dir
) 200 PORT command successful.
) 425 Can't build data connection: Connection refused
) On other systems I've had a 'address already in use' or something, so I
) felt it could have to do with the IP Masquerading... I can't say for
) sure if it started just after we set our Linux router to do IP
) Masquerading or not, but I feel it was 'almost at the same time', so
) maybe I've just overlooked something when I did that... HTTP connections
) AND apt-get run just fine, though...
It probably has to do with IPmasq. I got 500's (Illegal PORT command) all
the time after moving my dialup to the linux box and setting up
masquerading. I have two suggestions:
1) Try running FTP in passive mode. This forces the client to initiate
the connections, which masquerading allows. Once I had my FTP clients
(whether Linux or Win9X/NT) running in passive mode, FTP worked fine.
2) Look into the ip_masq_ftp module in the kernel (it's experimental).
Installing this module should let you run FTP normally (it did the trick
for me). You'll have to set the kernel config to prompt for experimental
drivers and then look in the networking section if you use menuconfig or
xconfig. You'll also need to load the module by hand (or specify it to
load at boot time), as I haven't seen it get loaded by the kernel yet
(running 2.2.10 kernel).
Evan Day | "These people looked deep into my soul and assigned
SMTP->firstname.lastname@example.org | me a number based upon the order in which I joined"