[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[ale] iptables, nonstandard ftp and logging?
- Subject: [ale] iptables, nonstandard ftp and logging?
- From: Robert.L.Harris at rnd-consulting.com (Robert L. Harris)
- Date: Mon, 20 Nov 2000 18:29:03 -0700
At this point I'm actually trying from the firewall itself,
and using ncftp I've set "passive on" and retried. Even
quicking out of ncftp, checking settings and restarting, I
get the same thing. An "ls" times out. I can CD to
my hearts content, but any attempt to get or ls fails.
Robert
Thus spake Eric Z. Ayers (eric.ayers at mindspring.com):
> If you are trying to use FTP from behind a firewall, then
> try typing 'passive' before you type 'ls'.
>
> This forces all of the ports on the server to be opened as server
> ports, so that all connections must be initiated from inside the
> firewall.
>
> -Eric.
> Robert L. Harris writes:
> >
> >
> > I can connect to the ftp server on that port, but when I do an "ls" and
> > it tries to open the data connection it times out.
> >
> > Robert
> >
> >
> > Thus spake Prasanna P Subash (psubash at turbolinux.com):
> >
> > >
> > > it could be as simple as /etc/hosts.allow or /etc/hosts.deny. I always end up forgetting those files.
> > >
> > > -Prasanna
> > >
> > > On Mon, Nov 20, 2000 at 03:32:39PM -0700, Robert L. Harris wrote:
> > > >
> > > >
> > > > I'm trying to connect to an ftp server on port 3011. It appears to
> > > > timeout, and I'm thinking it's nota ccepting the ports on the way
> > > > back. How do I tell iptables to log all failed packets coming
> > > > to me from the net so I can watch for odd things? I don't see
> > > > a "--log-rejected" or I just may not be understanding it.
> > > >
> > > > Robert
> > > >
> > > >
> > > > :wq!
> > > > ---------------------------------------------------------------------------
> > > > Robert L. Harris | Micros~1 :
> > > > Senior System Engineer | For when quality, reliability
> > > > at RnD Consulting | and security just aren't
> > > > \_ that important!
> > > > DISCLAIMER:
> > > > These are MY OPINIONS ALONE. I speak for no-one else.
> > > > FYI:
> > > > perl -e 'print $i=pack(c5,(41*2),sqrt(7056),(unpack(c,H)-2),oct(115),10);'
> > > >
> > > > --
> > > > To unsubscribe: mail majordomo at ale.org with "unsubscribe ale" in message body.
> > >
> > > --
> > > Prasanna P Subash
> > > psubash at turbolinux.com
> >
> >
> >
> >
> >
> > :wq!
> > ---------------------------------------------------------------------------
> > Robert L. Harris | Micros~1 :
> > Senior System Engineer | For when quality, reliability
> > at RnD Consulting | and security just aren't
> > \_ that important!
> > DISCLAIMER:
> > These are MY OPINIONS ALONE. I speak for no-one else.
> > FYI:
> > perl -e 'print $i=pack(c5,(41*2),sqrt(7056),(unpack(c,H)-2),oct(115),10);'
> >
> > --
> > To unsubscribe: mail majordomo at ale.org with "unsubscribe ale" in message body.
:wq!
---------------------------------------------------------------------------
Robert L. Harris | Micros~1 :
Senior System Engineer | For when quality, reliability
at RnD Consulting | and security just aren't
\_ that important!
DISCLAIMER:
These are MY OPINIONS ALONE. I speak for no-one else.
FYI:
perl -e 'print $i=pack(c5,(41*2),sqrt(7056),(unpack(c,H)-2),oct(115),10);'
--
To unsubscribe: mail majordomo at ale.org with "unsubscribe ale" in message body.