Gonzalo Servat
2003-Jan-16 20:44 UTC
[Shorewall-users] FTP through the firewall to non standard FTP port fails
Hi, all.

Shorewall Version: 1.3.12

I'm unable to list files (using PASV *or* PORT mode) on any FTP site that listens on a port other than 21 (from a client machine behind Shorewall -- from the Shorewall box I can list files no problem on the same sites)

I have "Netfilter FTP" support compiled IN the kernel.

Any ideas? My rule set is pretty generic. LOC -> NET Policy to allow ALL.

My interfaces are:

loc eth0 detect dhcp
net ppp0 - noping

Thanks in advance for any help!

Regards,
Gonzalo.
Tom Eastep
2003-Jan-16 20:49 UTC
[Shorewall-users] FTP through the firewall to non standard FTP port fails
--On Friday, January 17, 2003 03:43:09 PM +1100 Gonzalo Servat <gservat@webtastic.com.au> wrote:

> Hi, all.
>
> Shorewall Version: 1.3.12
>
> I'm unable to list files (using PASV *or* PORT mode) on any FTP site that
> listens on a port other than 21 (from a client machine behind Shorewall
> -- from the Shorewall box I can list files no problem on the same sites)
>
> I have "Netfilter FTP" support compiled IN the kernel.

Bad move if you want to use non-standard ports.

>
> Any ideas? My rule set is pretty generic. LOC -> NET Policy to allow ALL.
>
> My interfaces are:
>
> loc eth0 detect dhcp
> net ppp0 - noping
>
> Thanks in advance for any help!
>

You need modular ftp connection tracking and NAT support; then see http://www.shorewall.net/ports.htm and look at the information about FTP.

-Tom
--
Tom Eastep \ Shorewall - iptables made easy
Shoreline, \ http://shorewall.sf.net
Washington USA \ teastep@shorewall.net
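
The check behind the advice in this thread, as an added example that is not part of either message or of Shorewall's documentation: it reads a kernel `.config` and, if the FTP helper is modular, prints the module loads for extra control ports. It assumes the 2.4-series names `CONFIG_IP_NF_FTP`, `ip_conntrack_ftp`, `ip_nat_ftp` and their `ports=` parameter, none of which appear in the thread; port 2121 is a constructed sample.

```shell
#!/bin/sh
# Added example. Symbol and module names are those of 2.4-series kernels
# (an assumption, not quoted from the thread); port 2121 is a constructed sample.

# Read a kernel .config on stdin and report how option $1 is built.
kconfig_state() {
    case "$(grep -E "^$1=" | head -n 1)" in
        *=y) echo builtin ;;
        *=m) echo module ;;
        *)   echo absent ;;
    esac
}

# Accept only a comma-separated list of ports in the range 1-65535.
valid_ports() {
    case "$1" in ''|*[!0-9,]*|,*|*,|*,,*) return 1 ;; esac
    old_ifs=$IFS; IFS=,
    for p in $1; do
        if [ "$p" -lt 1 ] || [ "$p" -gt 65535 ]; then IFS=$old_ifs; return 1; fi
    done
    IFS=$old_ifs
}

# Read a kernel .config on stdin; $1 is the list of FTP control ports to track.
# Prints the modprobe commands when the helper is modular, otherwise explains why not.
ftp_helper_plan() {
    valid_ports "$1" || { echo "error: invalid port list '$1'" >&2; return 2; }
    case "$(kconfig_state CONFIG_IP_NF_FTP)" in
        module)
            echo "modprobe ip_conntrack_ftp ports=$1"
            echo "modprobe ip_nat_ftp ports=$1" ;;
        builtin)
            echo "FTP helper is built in; build it as a module to track ports $1" >&2
            return 1 ;;
        *)
            echo "no FTP connection tracking in this kernel config" >&2
            return 1 ;;
    esac
}

# Constructed sample: the situation from the thread (helper compiled into the kernel).
printf 'CONFIG_IP_NF_FTP=y\n' | ftp_helper_plan 21,2121 || true
```

On a real system the config would come from the running kernel's build, for example `ftp_helper_plan 21,2121 < /usr/src/linux/.config`.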