[ale] FTP/firewall issue
Joseph A. Knapka
jknapka at earthlink.net
Tue Jul 3 13:04:44 EDT 2001
Bob Kruger wrote:
>
> "Joseph A. Knapka" wrote:
>
> > You need to open connections *to* your machine at ports >1024
> > *from* foreign port 21. The way active FTP works is that
> > the client makes an outgoing connection to port 20 on the
> > server, sends the server a local port number for data connections,
> > (chosen more or less at random), and then the server initiates a
> > connection to the client on that port from server port 21.
> > (What were they thinking...)
>
> Joe;
>
> I enabled the following, and it seems to be doing the trick:
>
> /usr/sbin/iptables -A INPUT -i eth1 -s 192.168.2.0/24 -d 192.168.2.1 -j ACCEPT
>
> I am not exactly sure why, but I can now list the directories.

I'm not sure why either. Let me ask a question: is the
FTP server machine you're trying to reach *on* the 192.168.2.0/24
net? Or is it external, and 192.168.2.1 is masquerading for the
192.168.2.0 network? That's what I originally thought, but
rereading your initial message, I'm no longer sure.
-- Joe Knapka
"You know how many remote castles there are along the gorges? You
can't MOVE for remote castles!" -- Lu Tze re. Uberwald
// Linux MM Documentation in progress:
// http://home.earthlink.net/~jknapka/linux-mm/vmoutline.html
* Evolution is an "unproven theory" in the same sense that gravity is. *