On Mon, 2003-08-11 at 14:04, Victor McAllister wrote:He used ethereal
I am helpiing a friend upgrade a Dachstein box to Bering 1.2 over DSL PPPoE. He has a windows program (192.168.1.100 machine) on the internal network that sends a gif file for a weater broadcast every 15 minutes. The remote server accepts his login and password. It says binary passive. It then sends the PORT that ends in port 4061.
Shorewall.log shows no packets dropped from the ftp server. It does show som port 135 stuff dropped.
It works in Dachstein but does not work in Bering. The Berin box loads the modules ip_conntrack_ft and ip_nat_ftp are loaded per default.
I understand that that kernel 2.4 allows connection tracking for active ftp transfers.
The file does not get transfered.
I have ssh access to his firewall.
Any suggestions? It is not blocking by the ISP since we can boot up Dachstein and it works. Any suggestions???
Given that you have the above-mentioned modules loaded and you have the normal loc->net policy of ACCEPT, ftp should work. I'd look at the session on ppp0 with tcpdump - either capture to a file and analyze with ethereal or snarf enough of the data packets to see the control connection: (e.g., "tcpdump -Xni ppp0 -s 2048 host 192.168.1.100 and port 21" )
-Tom
After logging in successfully to the remote ftp server.
Request: TYPE I
Responce: 200 set to I
Request: PASV
Responce: 227 Entering Passive mode (199,x,y,z,31,245) ** actual IP of remote ftp server hidden
Request: STOR /www/screenID010.jpg
FTP-DATA: Ftp Data:1460 bytes
FTP-DATA: Ftp Data:1460 bytes
Responce: 150 Opening binary mode for connection for /www/screenID010.jpg
FTP 302 ACK seq= ack= win=33396 len-0
Responce: 150 Opening binary mode data connection for /www/screenID010.jpg
302 > ACK seq= ack= win=57915 len-0
Responce: 150 Opening binary mode data conn
no dat sent - no shorewall log entry relating to FTP
this is typed from an etherreal file he sent by email
-- Victor McAllister
------------------------------------------------------- This SF.Net email sponsored by: Free pre-built ASP.NET sites including Data Reports, E-commerce, Portals, and Forums are available now. Download today and enter to win an XBOX or Visual Studio .NET. http://aspnet.click-url.com/go/psa00100003ave/direct;at.aspnet_072303_01/01 ------------------------------------------------------------------------ leaf-user mailing list: [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
