thr3ads.net - Shorewall users - [Shorewall-users] FTP Passive Mode

If this information is useful, please help other people find it:
Share via:

jgarcian@retevision.es

2002-Sep-23 16:05 UTC

[Shorewall-users] FTP Passive Mode - Continue

Buf,

I don''t understand nothing....

Sep 23 17:33:40 cosmos kernel: Shorewall:net2all:DROP:IN=3Deth0 OUT=3D
MAC=3D00:60:08:6f:56:e8:00:d0:01:3f:70:0a:08:00 SRC=3D64.37.X.X DST=3D62.57.X.X
LEN=3D60 TOS=3D0x10 PREC=3D0x00 TTL=3D51 ID=3D8259 DF PROTO=3DTCP SPT=3D2387
DPT=3D21
WINDOW=3D5840 RES=3D0x00 SYN URGP=3D0
Sep 23 17:33:44 cosmos kernel: Shorewall:net2all:DROP:IN=3Deth0 OUT=3D
MAC=3D00:60:08:6f:56:e8:00:d0:01:3f:70:0a:08:00 SRC=3D80.24.X.X DST=3D62.57.X.X
LEN=3D48 TOS=3D0x10 PREC=3D0x00 TTL=3D116 ID=3D6402 DF PROTO=3DTCP SPT=3D4754
DPT=3D21
WINDOW=3D16384 RES=3D0x00 SYN URGP=3D0
...
...
...
Sep 23 17:36:05 cosmos pure-ftpd: (?@62.81.X.X) [INFO] jordi is now logged
in
Sep 23 17:36:06 cosmos pure-ftpd: (jordi@62.81.X.X) [INFO] Logout - CPU
time spent: 0.000 seconds.

I try to connect from my job (62.81.X.X) and I can login, but different
persons from internet... they cannot.
?=BF?

I have modified my /etc/shorewall/rules only!!!->

DNAT      net  fw:192.168.0.1:21   tcp   ftp

to

ACCEPT         net  fw             tcp   ftp

and the pure-ftpd script. I clear -S 192.168.0.1:21 parameter.


     Jordi



La informaci=F3n incluida en el presente correo electr=F3nico es CONFIDENCIAL,
siendo para el uso exclusivo del destinatario arriba mencionado. Si usted
lee este mensaje y no es el destinatario se=F1alado, el empleado o el agente
responsable de entregar el mensaje al destinatario, o ha recibido esta
comunicaci=F3n por error, le informamos que est=E1 totalmente prohibida
cualquier divulgaci=F3n, distribuci=F3n o reproducci=F3n de esta comunicaci=F3n,
y
le rogamos que nos lo notifique, nos devuelva el mensaje original a la
direcci=F3n arriba mencionada y borre el mensaje.
Gracias.

Tom Eastep

2002-Sep-23 16:07 UTC

head link

[Shorewall-users] FTP Passive Mode - Continue

jgarcian@retevision.es wrote:> Buf,
> 
> I don''t understand nothing....
> 
> Sep 23 17:33:40 cosmos kernel: Shorewall:net2all:DROP:IN=eth0 OUT>
MAC=00:60:08:6f:56:e8:00:d0:01:3f:70:0a:08:00 SRC=64.37.X.X DST=62.57.X.X
> LEN=60 TOS=0x10 PREC=0x00 TTL=51 ID=8259 DF PROTO=TCP SPT=2387 DPT=21
> WINDOW=5840 RES=0x00 SYN URGP=0
> Sep 23 17:33:44 cosmos kernel: Shorewall:net2all:DROP:IN=eth0 OUT>
MAC=00:60:08:6f:56:e8:00:d0:01:3f:70:0a:08:00 SRC=80.24.X.X DST=62.57.X.X
> LEN=48 TOS=0x10 PREC=0x00 TTL=116 ID=6402 DF PROTO=TCP SPT=4754 DPT=21
> WINDOW=16384 RES=0x00 SYN URGP=0
> ...
> ...
> ...
> Sep 23 17:36:05 cosmos pure-ftpd: (?@62.81.X.X) [INFO] jordi is now logged
> in
> Sep 23 17:36:06 cosmos pure-ftpd: (jordi@62.81.X.X) [INFO] Logout - CPU
> time spent: 0.000 seconds.
> 
> I try to connect from my job (62.81.X.X) and I can login, but different
> persons from internet... they cannot.
> ?¿?
> 
> I have modified my /etc/shorewall/rules only!!!->
> 
> DNAT      net  fw:192.168.0.1:21   tcp   ftp
> 
> to
> 
> ACCEPT         net  fw             tcp   ftp
> 
> and the pure-ftpd script. I clear -S 192.168.0.1:21 parameter.

Something''s wrong -- please send me privately the output from
"shorewall
status".

-Tom
-- 
Tom Eastep    \ Shorewall - iptables made easy
AIM: tmeastep  \ http://www.shorewall.net
ICQ: #60745924  \ teastep@shorewall.net

Shorewall users - Sep 2002 - FTP Passive Mode - Continue

[Shorewall-users] FTP Passive Mode - Continue

[Shorewall-users] FTP Passive Mode - Continue