[TriLUG] FTP can't get through iptables (was: iptables for webserver)
Mack.Joseph at epamail.epa.gov
Mack.Joseph at epamail.epa.gov
Sun Jun 19 16:51:44 EDT 2005
Joseph Mack PhD, High Performance Computing & Scientific Visualisation
LMIT, Supporting the EPA Research Triangle Park, NC 919-541-0007 Federal
Infrastructure Contact-Ravi Nair 919-541-5467 - nair.ravi at epa.gov,
Federal Visualization Contact - Joe Retzer, Ph.D. 919-541-4190 -
retzer.joseph at epa.gov
trilug-bounces at trilug.org wrote on 06/13/2005 08:29:45 PM:
> Using a GUI FTP client, either on Windows or Linux, either
> in Passive mode
> or not, the client successfully makes a connection and
> authenticates against
> the server. After that initial connection, it hangs and
> times out.
this usually means that you have the command port connection
OK (port 21) but not the dataport (20 for active ftp, anything
for passive). You need to add a rule with "RELATED"
in it to allow the 2nd port through (don't know specifics,
go look on an iptables HOWTO).
> The weird thing is that if you log in via FTP on the
> command line from any
> client it works totally fine.
if it's an iptables problem, then the command line wouldn't work either,
unless one was active (command probably) and the other passive
(gui probably)
for more than you probably want to know about ftp look at this
http://www.austintek.com/LVS/LVS-HOWTO/HOWTO/LVS-HOWTO.services.multi-port.html#ftp
Joe
More information about the TriLUG
mailing list