similar to: ftp firewall/iptables

Greetings, Beginning today, I started to receive the following when ftp'ing to my CentOS 6 machine: ncftp /home/pyz2 > dir connect failed: No route to host. connect failed: No route to host. connect failed: No route to host. Falling back to PORT instead of PASV mode. I can make a connection, but I can't get a directory listing or transfer data/files. I'm flummoxed. What I had

New install of CentOS 4.1; our first try at the 4.x. On previous 3.x installs we've used proftpd. On this one we're using (trying to use is a better statement of what we're going through) the default daemon, /usr/sbin/vsftpd. But we don't get anywhere. <snip> ftp> passiv Passive mode off. ftp> put ~/xorg.conf.work local: /home/jlasman/xorg.conf.work remote:

Hi, after opening the AUTH port in my ipchains filter, I still can't get directory listings from ftp.winehq.com. Google shows there was a bug in the ProFTPD 1.2.0pre10 which is used on ftp.winehq.com: "Bug#74153: marked as done (proftpd sometimes refuses to list directories"

Hi, ok Im all new to this :-) for pasv ftp in your example you say for example to use ports 65500-65535, but i dont see that u open those ports in your example fw scripts..? any hints ? -- Christophe Zwecker mail: doc@zwecker.de Hamburg, Germany fon: +49 179 3994867 http://www.zwecker.de "Who is General Failure ? And why is he reading my disk

Hello, I am setting up ProFTPd daemon (from EPEL repository) under CentOS 5.2 and I need encrypted connection. Daemon is configured perfectly, there is no problem - if iptables is off connection is smoothly established, but when iptables is on, connection in FTP client ends on command LIST without response. Last command with response (positive) is PASV. Thank you for your replies Martin ??astn?

Hello , Regarding a previous post in this group. (see below) Does anyone know how I can change the options for ipnat_ftp or ip_conntrack_ftp when I don''t load them as modules but have them compiled in the kernel? I''ve been looking on google since long now, but can''t seem to find it. Any idea, anyone? I have added these ''options'' and did a network

Howdy I'm trying to run FTP server behind firewall. And i can't enable passive mode from the Internet. There are plenty howtos but there aren't many with my combination. For now i have configured port forwarding and ftp server itself. On the router: # firewall-cmd --list-all --zone=external external (active) interfaces: enp3s1 sources: services: openvpn ssh ports: 1194/tcp

Still not working I really have to change 21 port on 80 port, my friend has only www and mail on his netwok. He has rigorous admin. I have done : !! in proftpd.cof : # Port 21 is the standard FTP port. Port 80 !! in /etc/shorewall/modules: loadmodule ip_conntrack_ftp ports=21,80 loadmodule ip_nat_ftp ports=21,80 AFTER THAT AND RESTARTTING PROFTP AND

I am trying to get the AllowFTP action to work for Net > DMZ traffic and FTP pasv. I know it is kind of working, as the user can log in, however, it fails at the port. I have had to open up some high ports for pasv to work. Now I know this aint cool, so does anyone know what a person has to do to get the AllowFTP action to work the same way it does if I was just ftp to the firewall, which does

I'm having a heck of a time getting vsftpd to work properly. When Iptables are OFF, it works fine, and when iptables is on, it dies. When I try ftp from a command line, here's what the session looks looks like: [root at mylaptop ~]# ftp ftp.server.com Connected to ftp.server.com. 220 Welcome to My Company FTP 530 Please login with USER and PASS. 530 Please login with USER and PASS.

I apologize for the first message. :) --------------------------------------- I have an FTP server running in the DMZ section of my home network. It uses port 23000 for connection and ports 19990 to 19994 for data transfer. I have setup the following rule for outside people to connect to it: DNAT net dmz:192.168.2.2 tcp 23000 I''m at work right now and I can''t use

Hello list, I have these sorts of filters, putting traffic into the appropiate classid (1:15 is the default class): ${TC} filter add dev ${DEV_IFB} parent 1:0 prio 1 protocol ip u32 \ match ip protocol 0x6 0xff \ match ip sport 22 0xffff \ classid 1:11 # ssh ${TC} filter add dev ${DEV_IFB} parent 1:0 prio 1 protocol ip u32 \ match ip protocol 0x6 0xff \ match ip dport 22

Hi list, im having a problem with proftpd access when my firewall is running. Im using centos 4.3 with proftpd-1.2.10-10.2.el4.rf i haven't done any modification from my proftpd i just run the server. my iptables ruleset is very simple i use stateful routing. iptables -A INPUT -i ! $WAN -j ACCEPT iptables -A INPUT -i $WAN -m state --state NEW -p tcp --dport 21 -j ACCEPT -- Regards,

Hi, I have tried unsuccesfully to limit my ftp server send speed in linux. I have an ipcop linux firewall/router with 2 nics. 1 nic (eth1) is connected to a 3mbit/384Kbit cable connection and the other (eth0) a switch. Behind it i have a suse linux box and a windows box. On the suse box i run proftpd. I need to shape my passive ftp send speed to 34KBytes because if it is maxed out at 45K

Hi! I use standard Bering 2.2.2. I am trying to get my FTP-server to work with another portnumber than 21 (On port 21 all works great, but I´m really interested in running two FTP-servers, so I want to figure this one out first). Read the FAQ: http://www.shorewall.net/FTP.html and now I got this setup: In Rules: DNAT net loc:192.168.3.2 tcp 99 In Shorewalls modules.conf (tried

Hello, I usualy permit TCP traffic on ports from 1025 to 65535 of the servers that I need to permit FTP access. Is there a more secure way to permit FTP access instead of to permit such ports? I have a FreeBSD gateway/router on a building with these ports open and I?m having some problems with users using softwares like Kasaa and eMule. Any help would be appreciated. Thank?s Ronan

Hi, I''m using the same set of firewall rules of 2.0.x (sorry, I can''t remember the exact minor version) and put it to work with 2.0.9. And now I can''t do passive ftp (was working before). I see that my NEWNOTSYN is set to Yes, and the loc->net rule is blocking 1024:65535. But I believe with the ip_conntrack_ftp, the passive mode would be allowed, since

Hello I''ve setuped a bridge with iptables + layer + ipp2p + tc I don''t know how to shape passive ftp ? If I put rules on port 20, 21 or using layer 7 iptables accounting still empty ... When I done a tcpdump I can see that othe port than 20 or 21 are used ... Any Ideas of how I can achieve this ? Regards

I have Centos3.3 installed, vsftpd, apache2, ports 20&21 open on router, firewall disabled at this time : /etc/passwd looks like this --- ftpadmin:x:502:502::/var/www:sbin/noligin uncommented the lines in /etc/vsftpd/vsftpd.conf : chroot_list_enable=YES chroot_list_file=/etc/vsftpd.chroot_list I can access ftp from within network no problem, but using external ip it will validate login

Hello everyone, I run a Pure-FTP server on my DMZ. I can specify with Pure-ftp what ports will be used for clients when they connect with passive mode. I entered 50000 50400, so I have enough for 200 users at the same time. Then the pure-ftp website tells me to open up those ports on the firewall. How do I do this? In my rules file is now something like: ACCEPT net dmz:10.0.0.2 tcp