I did not get Active FTP to work yesterday. Further the version of FTP Voyager I have 6.1.1.0 would not work no matter how I had it setup with this Linux Firewall. It worked fine before with an NT Based Proxy server named Wingate. I have another FTP software that I hate FTP Commander v5.5 that worked fine in Passive Mode with the Linux config I have so the whole FTP problem does not just rely on the firewall side of things.
For what I need to do at the moment I really don't care whether I use Active or Passive. If Active requires me to open a port on the outside of the firewall I prefer passive. I may need to upgrade FTP Voyager to get it to work in passive mode with this new configuration. I did not have ip_nat_ftp and the ip_conntrack_ftp loaded so I did need to modprobe that to get passive working on FTP Commander. I also need to read the doc concerning Active VS Passive FTP. -----Original Message----- From: Bob Surenko [mailto:[EMAIL PROTECTED]] Sent: Tuesday, March 12, 2002 8:56 AM To: Joffer Cc: [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED] Subject: Re: FTP Software error with IPTables On Tue, 12 Mar 2002 02:41:08 +0100 "Joffer" <[EMAIL PROTECTED]> wrote: > but active ftp also requires you to open port 20/tcp inbound to > highports/tcp, since the ftpserver will initiate a connection from port 20 > to port N+1 (where N is the highport your computer chose when initiate a > connection to the ftp server on port 21 (cmd). If I must have a rule for port 20, instead of relying and RELATED then why does executing my script twice make active ftp work? > > A great readthrough would be "Active FTP vs. Passive FTP, a Definitive > Explanation": http://www.slacksite.com/other/ftp.html > > > /christopher thorjussen > > ----- Original Message ----- > From: "Tony Hebert" <[EMAIL PROTECTED]> > To: "Bob Surenko" <[EMAIL PROTECTED]> > Cc: "Ron Darling" <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]> > Sent: Monday, March 11, 2002 11:15 PM > Subject: Re: FTP Software error with IPTables > > > > make sure you are loading the ip_nat_ftp and the ip_conntrack_ftp modules. > > otherwise active ftp will never work > > > > > > > > "What are the best things in life?" > > > > "To Crush your Enemies, > > See them Driven before You, > > And Hear the Lamentations of the Women." > > > > - Conan the Barbarian > > > > > > > > > > > > > > >
