  1. #1
    Linux Newbie
    Join Date
    Jul 2004
    Posts
    143

    reg ftp


    Hi everybody,
    I am using FC4.
    I have firewalls on my system, which I have configured through system-config-securitylevel

    Chain RH-Firewall-1-INPUT (2 references)
    target prot opt source destination
    ACCEPT all -- anywhere anywhere
    ACCEPT icmp -- anywhere anywhere icmp any
    ACCEPT ipv6-crypt-- anywhere anywhere
    ACCEPT ipv6-auth-- anywhere anywhere
    ACCEPT udp -- anywhere anywhere udp dpt:ipp
    ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
    ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:22456
    ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:ssh
    ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:smtp
    ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:http
    ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:ftp
    ACCEPT tcp -- anywhere anywhere state NEW tcp dpt:https
    REJECT all -- anywhere anywhere reject-with icmp-host-prohibited



    Here I allowed ftp,
    but I am unable to connect to ftp.
    This is the error message I am getting:

    ftp ftpserver
    Connected to ftpserver
    220 (vsFTPd 2.0.3)
    530 Please login with USER and PASS.
    530 Please login with USER and PASS.
    KERBEROS_V4 rejected as an authentication type
    Name (69.64.49.4:root): abc
    331 Please specify the password.
    Password:
    230 Login successful.
    Remote system type is UNIX.
    Using binary mode to transfer files.
    ftp> ls
    227 Entering Passive Mode (69,64,49,4,166,159)
    ftp: connect: No route to host
    ftp>


    and if I disable the passive mode,
    ftp> passive
    Passive mode off.
    ftp> ls
    500 Illegal PORT command.
    ftp: bind: Address already in use
    ftp>


    If I disable the firewalls, everything is fine.
    But it is my live server.

    Please help me to resolve this.

    Thanks in advance,
    Mummaneni.

  2. #2
    Just Joined! eAragorn's Avatar
    Join Date
    Jun 2006
    Location
    Navi Mumbai
    Posts
    9
    Hi mummaneni

    In an almost identical circumstance with vsftpd on my PC, I enabled passive mode in the FTP configuration and then allotted a specific port range for the vsftpd operation. You do that by adding the following lines in /etc/vsftpd/vsftpd.conf
    pasv_enable=YES
    pasv_min_port=6001
    pasv_max_port=6002
    In this I have allocated a very small range, 6001-6002 (you may allocate whatever range you want, just stay in the higher numbered ports though).

    After this, you go to the firewall configuration (system-config-securitylevel) -> Other ports section and add these ports (in my case only 6001 and 6002), all for a tcp connection. This is expected to work since you say that closing the firewall also makes it work.

    eAragorn

  3. #3
    Linux Newbie
    Join Date
    Jul 2004
    Posts
    143
    Hi eAragorn,

    Thanks for your reply.

    My problem has been solved after adding the module ip_nat_ftp with modprobe.
    See this: http://www.linux.ie/lists/pipermail/...st/002369.html


    Thanks & Regards,
    Mummaneni.
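
Why `ls` failed in post #1 and why a fixed passive range helps, as an added example that is not part of any post: the 227 reply encodes the data port as p1*256+p2, and a NEW connection to a port missing from the ACCEPT rules reaches the final REJECT (icmp-host-prohibited), which the client reports as "No route to host". The function names are this example's own; the inputs are the reply quoted in post #1 and the range from post #2.

```shell
#!/bin/sh
# Added example (not from the thread): decode an FTP 227 reply and test the
# resulting data port against a vsftpd passive-port range.

# Print the data port announced by a "227 ... (h1,h2,h3,h4,p1,p2)" reply.
pasv_port() (
    fields=$(printf '%s\n' "$1" |
        sed -n 's/^227 [^(]*(\([0-9]\{1,3\}\(,[0-9]\{1,3\}\)\{5\}\)).*/\1/p')
    [ -n "$fields" ] || exit 1          # not a well-formed 227 reply
    IFS=,
    set -- $fields                      # split into the six numbers
    for n in "$@"; do [ "$n" -le 255 ] || exit 1; done
    echo $(( $5 * 256 + $6 ))           # port = p1*256 + p2
)

# Read vsftpd.conf text on stdin, print "min max"; fail if either is unset.
pasv_range() (
    awk -F= '$1 == "pasv_min_port" { min = $2 }
             $1 == "pasv_max_port" { max = $2 }
             END { if (min == "" || max == "") exit 1; print min, max }'
)

# Succeed when port $1 lies inside the inclusive range [$2, $3].
port_allowed() {
    [ "$1" -ge "$2" ] && [ "$1" -le "$3" ]
}

# Inputs copied from the thread: the 227 reply in post #1, the range in post #2.
reply='227 Entering Passive Mode (69,64,49,4,166,159)'
conf='pasv_enable=YES
pasv_min_port=6001
pasv_max_port=6002'

port=$(pasv_port "$reply")
range=$(printf '%s\n' "$conf" | pasv_range)
if port_allowed "$port" "${range% *}" "${range#* }"; then
    echo "data port $port is inside the passive range $range"
else
    echo "data port $port is outside the passive range $range"
fi
```

The module loaded in post #3 takes the other route: with the FTP connection-tracking helper loaded, the data connection is classified RELATED and the existing RELATED,ESTABLISHED rule accepts it without opening extra ports.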
