On 01/11/2013 05:45 AM, Dario Lesca wrote: > Hi, I have a web/ftp server into DMZ via proxy arp behind a shorewall > 4.4.x firewall. > > All work fine, also FTP in passive mode, but not in active mode. > > I have a old hardware witch put some some time data binary files via ftp > on my server, sin that does not support passive mode (like ftp.exe of > winxp also do) and this is my problem. > > On my network I have 3 Centos6.3 ftp server (2 for test only): > 1) on firewall (for test only) > 2) into LAN via nat (for test only) > 3) into DMZ via proxyarp (real server) > > In shorewall I have this 3 rules: > 1) FTP(ACCEPT) net fw:1.1.1.1 > 2) DNAT net loc:192.168.1.250 tcp ftp - 1.1.1.3 > 3) FTP(ACCEPT) net dmz:1.1.1.2 > > Only the server 2 work fine in active and passive mode, only on server 2 > my old external hardware work and load the data file via PUT and list > via DIR without timeout. > > On server 1 (test server) and 3 (real destination server) the ftp > transfer data work only in passive mode (tested with ncftp.exe and > FileZilla on winXP and lftp on client Linux), in active mode (ftp.exe > winxp) the connection to server with account work, but the subsequent > PUT and DIR commands goto timeout > > Someone have some suggest?
What do you see in the system log when transfer fails? Have you looked at http://www.shorewall.net/FTP.html? -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ Master HTML5, CSS3, ASP.NET, MVC, AJAX, Knockout.js, Web API and much more. Get web development skills now with LearnDevNow - 350+ hours of step-by-step video tutorials by Microsoft MVPs and experts. SALE $99.99 this month only -- learn more at: http://p.sf.net/sfu/learnmore_122812
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
