similar to: SOLVED: passive FTP doesn''t work

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi all, This one really beats me. I''ve run out of idea how to get this right (well, I plan to format it and replace with mdk9.2). I''m running a gateway on mdk9.0 box using gShield. Now, since I have been using shorewall on my notebook with great satisfaction, I want to replace gShield with shorewall. So, I set it with this

Dear List i have upgrade my * box with the latest CVS version of Asterisk Stable 1.0 and zaptel/libpri my system is MDK9.2 with 1 TE410P and seems work well for now but i have a little amount of traffic (25 IN/OUT calls) i only notice this Warning.. What kind of error is? ------------------------------- Apr 20 21:28:49 WARNING[147466]: chan_zap.c:5979 zt_pri_error: PRI: !! Got reject for

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Dear all, I have this in my /var/log/messages (pls mind the line wrap): smbd3[3660]: [2004/07/09 15:31:26, 0] rpc_server/srv_util.c:get_domain_user_groups(372) smbd3[3660]: get_domain_user_groups: primary gid of user [fajar] is not a Domain group ! smbd3[3660]: get_domain_user_groups: You should fix it, NT doesn't like that Why is that?

Hi, Is there a sure way to test 2 cd's if they are true copies in rsync. I have tried this... rsync -avv /mnt/cdrom/ /mnt/cdrom2 ** result....quite shotened... misc/rpm2header is uptodate pkg-9.2-FiveStar-download-i586.idx is uptodate total: matches=0 tag_hits=0 false_alarms=0 data=0 wrote 65301 bytes read 20 bytes 1789.62 bytes/sec total size is 679261427 speedup is 10398.82 ** Is

Hi folks, I notice recently there are a lot of this: Jan 18 20:36:22 server kernel: Shorewall:net2all:DROP:IN=eth0 OUT= MAC=00:09:6b:a5:b1:65:00:07:50:e6:9a:40:08:00 SRC=202.147.243.4 DST=202.159.252.231 LEN=576 TOS=0x00 PREC=0xC0 TTL=58 ID=62481 PROTO=ICMP TYPE=3 CODE=1 [SRC=202.159.252.231 DST=202.147.243.4 LEN=576 TOS=0x00 PREC=0x00 TTL=64 ID=14923 DF PROTO=TCP SPT=80 DPT=1248 WINDOW=6432

Hi all, I'm not sure whether it is samba related, but I've got this situation: I'm sharing a clipper program with samba, and then user access it using dosemu installed in each workstation. The program runs fine, except, when it creates a temporary file, it creates the filename in small letter (not in capital letter when run in DOS). Seems that the program is having trouble with

Grant Taylor wrote: > I''ll have to double check some things to make sure that you don''t need > to do any thing special other than just allow the initial connection and > rely on the FTP connection tracking helper to handle all other connections. > > I''ve never run an FTP server behind a NAT, but I''ve never had a problem > with the FTP

I am trying to control traffic in my server and a doubt came over me... My ftp server is set up in passive mode, so it will randomly choose a port to transfer data (in my case ports 50000-50100)... Is there a way of controlling this ftp traffic without marking packets? Thanks! Bye... msn: fredi_bieging@hotmail.com skype: fredibieging A mathematician is a machine for converting coffee into

Hi, I just wanted to share my script with the list. I have been trying to shape outbound passive and active ftp traffic without affecting inbound and lan transfers. I have tried to do this for a long time and it seems that I have finally figured it out. Feel free to comment on the below script if there is anything that can be improved. It seems to work flawlessly so far. #!/bin/bash

Hi, I am trying to use the following script to limit my passive ftp traffic to 35KBytes. Problem is, it kill''s the entire connection on that computer. The script is running on the same machine as the ftp server. I was hoping to limit the ftp traffic, and only the ftp traffic, leaving the computer. It seems to limit everything, i tried transfering a file with samba and the whole

I am trying to mark outbound passive ftp traffic with iptables and shape it to 35KBytes. I am using the following script on the computer that runs the ftp server. It is not working correctly, it seems to limit ALL traffic. Cant file share or anything. Anyone might know what is wrong? #!/bin/bash #shaping passive ftp traffic # mark the outbound passive ftp packets on ports 50000-51000

Hi, I''m using the same set of firewall rules of 2.0.x (sorry, I can''t remember the exact minor version) and put it to work with 2.0.9. And now I can''t do passive ftp (was working before). I see that my NEWNOTSYN is set to Yes, and the loc->net rule is blocking 1024:65535. But I believe with the ip_conntrack_ftp, the passive mode would be allowed, since

Hello, I''m observing a weird bug with ip_nat_ftp in a somewhat more complicated constellation. It''s possible that XEN is also involved in this, but I''m not sure. What I''m trying to do is have XEN guest domains on a host, connected via a bridge into a private network. The the privileged domain attaches to this private network and acts as a NAT router to connect

On 05/05/2016 06:15 AM, Marcin Trendota wrote: > Also this IP looks weird - shouldn't it be public IP? Yes, it should. Are you using FTPS (FTP with TLS)? You probably need to set the pasv_address option.

Hello I''ve setuped a bridge with iptables + layer + ipp2p + tc I don''t know how to shape passive ftp ? If I put rules on port 20, 21 or using layer 7 iptables accounting still empty ... When I done a tcpdump I can see that othe port than 20 or 21 are used ... Any Ideas of how I can achieve this ? Regards

http://bugzilla.netfilter.org/show_bug.cgi?id=574 Summary: nf_conntrack_ftp.c ignores RFC 1123 regarding parentheses in FTP passive mode message 227 Product: netfilter/iptables Version: linux-2.6.x Platform: All OS/Version: All Status: NEW Severity: normal Priority: P3 Component:

Hi Folks, I''ve got shorewall 2.0.8 with mdk10.1. I have this strange things happening. Sometimes shorewall blocks tcp 25, 110. When I restart shorewall, it opens again. Any idea what I''m missing? This is my configuration: /etc/shorewall/policy #SOURCE DEST POLICY LOG LIMIT:BURST # LEVEL loc

Hi All How to classify packets belonging to a FTP session? Port 21 session is easy. but what about data transfers? Their port numbers (both) are above 1024. I was thinking about ip_conntrack_ftp. Something like: iptables -A FORWARD -p tcp --sport 1024: --dport 1024: \ -m state --state ESTABLISHED,RELATED -j CLASSIFY --set-class X:Y But what if I also have ip_conntrack_irc, for instance.

Hi all, I want to run vsftp behind a firewall.(i.e DMZ zone) . It is runnig as passive ftp. the theroy behind passive ftp is , - FTP server's port 21 from anywhere ( Client initiates connection) - FTP server's port 21 to ports > 1024 (Server responds to client's control port) - FTP server's ports > 1024 from anywhere (Client initiates data connection to

Howdy I'm trying to run FTP server behind firewall. And i can't enable passive mode from the Internet. There are plenty howtos but there aren't many with my combination. For now i have configured port forwarding and ftp server itself. On the router: # firewall-cmd --list-all --zone=external external (active) interfaces: enp3s1 sources: services: openvpn ssh ports: 1194/tcp