Hi all, I'm just setup a new freebsd to be a ftp server. ftp-ing from localhost was success, but when i was trying to ftp from other ip, got result "Connection closed by remote host." Kernel already configure with firewall (with options FIREWALL_DEFAULT_TO_ACCEPT). rc.conf file already contain "firewall_type=open". What could be the problem? I can seem to solve this problem. Please help. __________________________________ Do you Yahoo!? Yahoo! Mail - Helps protect you from nasty viruses. http://promotions.yahoo.com/new_mail
check ipfw show to look at the currently loaded ruleset, something else may have added some other rules. also, check that there is no firewall/etc blocking the ftp connection from the client side and other things (such as isps/etc) blocking it. On Mon, 24 Jan 2005, Endin Suprana wrote:> Hi all, > > I'm just setup a new freebsd to be a ftp server. > ftp-ing from localhost was success, but when i was > trying to ftp from other ip, got result "Connection > closed by remote host." > > Kernel already configure with firewall (with options > FIREWALL_DEFAULT_TO_ACCEPT). rc.conf file already > contain "firewall_type=open". > > What could be the problem? I can seem to solve this > problem. Please help. > > > > __________________________________ > Do you Yahoo!? > Yahoo! Mail - Helps protect you from nasty viruses. > http://promotions.yahoo.com/new_mail > _______________________________________________ > freebsd-security@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-security > To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org" >
Hi! Check /etc/inetd.conf ftp stream tcp nowait root /usr/libexec/ftpd ftpd -ll should not be commented out. Regards, Alexander. On Tuesday 25 January 2005 05:34, Endin Suprana wrote:> Hi all, > > I'm just setup a new freebsd to be a ftp server. > ftp-ing from localhost was success, but when i was > trying to ftp from other ip, got result "Connection > closed by remote host." > > Kernel already configure with firewall (with options > FIREWALL_DEFAULT_TO_ACCEPT). rc.conf file already > contain "firewall_type=open". > > What could be the problem? I can seem to solve this > problem. Please help. > > > > __________________________________ > Do you Yahoo!? > Yahoo! Mail - Helps protect you from nasty viruses. > http://promotions.yahoo.com/new_mail > _______________________________________________ > freebsd-security@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-security > To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"
Check-out /etc/hosts.allow. THE FIRST UNCOMMENTED line should read (for trying purpose) ALL : ALL : allow After success tighten the rules (read carefully what is in example file). Following should turn on IPFW verbose: # sysctl net.inet.ip.fw.verbose=1 Type-in, try ftp-connect from remote and check-out /var/log/security. Peter Rosa
> Kernel already configure with firewall (with options > FIREWALL_DEFAULT_TO_ACCEPT). rc.conf file alreadyMay be I'm wrong and you have it OK, but the kernel-option should read: options IPFIREWALL_DEFAULT_TO_ACCEPT You have a typo *IP*FIREWALL.... If so, type: # ipfw add 10 allow all from any to any and try ftp-connet from remote. Peter Rosa