Sandy Drobic wrote:
Jose wrote:
Sandy Drobic wrote:
Jose wrote:
Hi everybody,
I have two suse 10.1 servers and the target server, is running
vsftp, ports 20,21 are open from the firewall, I can ftp into from
my desktop computer using command line ftp, but from the other
server which also has port 20,21 open, I can login, but if I try to
run any command as simple as a dir or ls, I get the following:
227 Entering Passive Mode (129,15,99,44,197,69)
200 PORT command successful. Consider using PASV.
425 Failed to establish connection.
I suspect that your firewall is not ftp aware. Please check that the
neccessary iptables modules ip_conntrack_ftp (ip_nat_ftp if you use
NAT), ip_conntrack are loaded.
To check disable your firewall and try to ftp. If it works the
firewall must be configured to track ftp connections.
I tried it turning off the firewall first on the tagret server, same
problem, then I turned off firewall on the client server, same
problem, how can I check I have those modules loaded?
lsmod | grep ftp
ip_nat_ftp 2448 0 (unused)
ip_conntrack_ftp 3568 1
iptable_nat 15790 8 [ipt_MASQUERADE ip_nat_quake3
ip_nat_proto_gre ip_nat_pptp ip_nat_mms ip_nat_irc ip_nat_h323
ip_nat_ftp]
ip_conntrack 18896 7 [ipt_MASQUERADE ipt_state
ip_nat_quake3 ip_conntrack_quake3 ip_nat_pptp ip_conntrack_pptp
ip_conntrack_proto_gre ip_nat_mms ip_conntrack_mms ip_nat_irc
ip_conntrack_irc ip_nat_h323 ip_conntrack_h323 ip_nat_ftp
ip_conntrack_ftp iptable_nat]
Can you use passive ftp on the server itself?
Sandy
Hi Sandy,
No, after I sent las t email, I tried "passive" just after login to the
server (turns off passive), and then "epsv" and then it works, I have
the firewall of the target server on, and client's firewall is off, and
I am able to download the files I need, but I don't think this is a good
solution, the target server is actually a Suse10.0 and client is a
Suse10.1, don't know if that would be part of the problem.
Tried your command, nothing at all.
--
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
