[ale] FTP/firewall issue

Bob Kruger krugerb at benning.army.mil
Tue Jul 3 13:38:31 EDT 2001


"Joseph A. Knapka" wrote:

> Bob Kruger wrote:
> >
> > "Joseph A. Knapka" wrote:
> >
> > > You need to open connections *to* your machine at ports >1024
> > > *from* foreign port 21. The way active FTP works is that
> > > the client makes an outgoing connection to port 20 on the
> > > server, sends the server a local port number for data connections,
> > > (chosen more or less at random), and then the server initiates a
> > > connection to the client on that port from server port 21.
> > > (What were they thinking...)
> >
> > Joe;
> >
> > I enabled the following, and it seems to be doing the trick:
> >
> > /usr/sbin/iptables -A INPUT -i eth1 -s 192.168.2.0/24 -d 192.168.2.1 -j ACCEPT
> >
> > I am not exactly sure why, but I can now list the directories.
>
> I'm not sure why either. Let me ask a question: is the
> FTP server machine you're trying to reach *on* the 192.168.2.0/24
> net? Or is it external, and 192.168.2.1 is masquerading for the
> 192.168.2.0 network? That's what I originally thought, but
> rereading your initial message, I'm no longer sure.
>

No, 192.168.2.1 is on the actual 192.168.2.0/24 subnetwork.

Bob
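
Added example, not part of the original thread: the quoted description of active FTP comes down to the client announcing a data port in a PORT command, which a stateful filter has to read in order to admit only that one inbound connection instead of accepting a whole subnet. The sketch below parses the command (RFC 959 format) and rejects announcements that should not open anything; the function names and the sample addresses are constructed for illustration.

```python
import ipaddress
import re

# RFC 959: "PORT h1,h2,h3,h4,p1,p2" -> address h1.h2.h3.h4, port p1*256 + p2
PORT_RE = re.compile(r"PORT (\d{1,3}(?:,\d{1,3}){5})", re.IGNORECASE)


def parse_port_command(line):
    """Return (ip_string, port) announced by a PORT command, or None if malformed."""
    m = PORT_RE.fullmatch(line.strip())
    if not m:
        return None
    fields = [int(f) for f in m.group(1).split(",")]
    if any(f > 255 for f in fields):
        return None
    ip = ".".join(str(f) for f in fields[:4])
    return ip, fields[4] * 256 + fields[5]


def expected_data_connection(line, client_ip, server_ip):
    """Describe the single server-to-client connection the filter should admit.

    Returns None when nothing may be opened: the command is malformed, the
    announced address is not the control-connection client (the FTP bounce
    pattern), or the announced port is privileged (< 1024).
    """
    parsed = parse_port_command(line)
    if parsed is None:
        return None
    ip, port = parsed
    same_host = ipaddress.IPv4Address(ip) == ipaddress.IPv4Address(client_ip)
    if not same_host or port < 1024:
        return None
    return {"src": server_ip, "dst": ip, "dport": port}


if __name__ == "__main__":
    # Constructed control-channel lines; client 192.168.2.10, server 192.168.2.1
    samples = [
        "PORT 192,168,2,10,195,80\r\n",  # client's own address, port 50000
        "PORT 10,0,0,5,195,80\r\n",      # third-party address: refused
        "PORT 192,168,2,10,0,22\r\n",    # privileged port 22: refused
    ]
    for s in samples:
        print(repr(s), "->", expected_data_connection(s, "192.168.2.10", "192.168.2.1"))
```
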
