[ale] iptables, nonstandard ftp and logging?

Eric Z. Ayers eric.ayers at mindspring.com
Mon Nov 20 21:32:28 EST 2000 

If you are trying to use FTP from behind a firewall, then
try typing 'passive' before you type 'ls'.

This forces all of the ports on the server to be opened as server
ports, so that all connections must be initiated from inside the
firewall. 

-Eric.
Robert L. Harris writes:
 > 
 > 
 >   I can connect to the ftp server on that port, but when I do an "ls" and
 > it tries to open the data connection it times out.
 > 
 > Robert
 > 
 > 
 > Thus spake Prasanna P Subash (psubash at turbolinux.com):
 > 
 > > 
 > > it could be as simple as /etc/hosts.allow or /etc/hosts.deny. I always end up forgetting those files.
 > > 
 > > -Prasanna
 > > 
 > > On Mon, Nov 20, 2000 at 03:32:39PM -0700, Robert L. Harris wrote:
 > > > 
 > > > 
 > > > I'm trying to connect to an ftp server on port 3011.  It appears to
 > > > timeout, and I'm thinking it's nota ccepting the ports on the way
 > > > back.  How do I tell iptables to log all failed packets coming
 > > > to me from the net so I can watch for odd things?  I don't see
 > > > a "--log-rejected" or I just may not be understanding it.
 > > > 
 > > > Robert
 > > > 
 > > > 
 > > > :wq!
 > > > ---------------------------------------------------------------------------
 > > > Robert L. Harris                |  Micros~1 :  
 > > > Senior System Engineer          |    For when quality, reliability 
 > > >   at RnD Consulting             |      and security just aren't
 > > >                                 \_       that important!
 > > > DISCLAIMER:
 > > >       These are MY OPINIONS ALONE.  I speak for no-one else.
 > > > FYI:
 > > >  perl -e 'print $i=pack(c5,(41*2),sqrt(7056),(unpack(c,H)-2),oct(115),10);'
 > > > 
 > > > --
 > > > To unsubscribe: mail majordomo at ale.org with "unsubscribe ale" in message body.
 > > 
 > > -- 
 > > Prasanna P Subash
 > > psubash at turbolinux.com
 > 
 > 
 > 
 > 
 > 
 > :wq!
 > ---------------------------------------------------------------------------
 > Robert L. Harris                |  Micros~1 :  
 > Senior System Engineer          |    For when quality, reliability 
 >   at RnD Consulting             |      and security just aren't
 >                                 \_       that important!
 > DISCLAIMER:
 >       These are MY OPINIONS ALONE.  I speak for no-one else.
 > FYI:
 >  perl -e 'print $i=pack(c5,(41*2),sqrt(7056),(unpack(c,H)-2),oct(115),10);'
 > 
 > --
 > To unsubscribe: mail majordomo at ale.org with "unsubscribe ale" in message body.
--
To unsubscribe: mail majordomo at ale.org with "unsubscribe ale" in message body.

More information about the Ale mailing list