On Sat, 4 Jul 2015 15:45:05 -0700 <briand@aracnet.com> wrote: > On Sat, 04 Jul 2015 13:55:36 +1000 > Alexis <flexibeast@gmail.com> wrote: > > > > > briand@aracnet.com writes: > > > > > just to recap. machine 1 :firewall. i can ftp into machine 2 > > > machine 2: no firewall. i cannot ftp into machine 1 > > > > > > i tried the iptables commands as you explained above, and still > > > get connection refused. > > > > > > here's the really interesting part. > > > > > > when logged in on machine 1. > > > ftp localhost: works ftp machine1: connection refused > > > > In my experience, "connection refused" can indicate that there's > > nothing actually listening on the port to which one is trying to > > connect. Perhaps try running netstat(8) on machine1, e.g.: > > > > $ netstat -altp > > > > to check that vsftpd is indeed listening on the relevant > > port(s). If it's not, check vsftpd logs to see whether it produced > > any errors or warning on startup, and check your vsftpd > > configuration accordingly. > > > > well this is really screwy. > > i changed the vsftpd.conf file to : > > listen=YES > #listen_ipv6=YES > > so, i commented out the listen_ipv6 > > and now it works ! what's extremely confusing is that machine2 is > running with listen=NO and ipv6 yes and it works just fine! Maybe machine2 has no ip6tables rules, or rules that allow the access, and machine1 blocks it? Or maybe only machine2 has IPv6 enabled? > ?? > > i then tried modifying the config file to listen =NO but leaving ipv6 > commented, and it doesn't work that way. No, it probably doesn't listen on IPv6 by default, and now you're telling it to not listen on IPv4 either. I'm certainly no networking expert, so these are just guesses. Petter -- "I'm ionized" "Are you sure?" "I'm positive."
Attachment:
pgp0nB6BYbw9U.pgp
Description: OpenPGP digital signature