[lug-nuts] FTP and IPChains

From: Marc Matteo (mmatteo@sacbee.com)
Date: Sat Jan 08 2000 - 19:25:23 PST


Hi all,

After reading the PM Firewall thread I got to thinking about my setup at
home. I occasionally have problems with passive ftp and I figured it was
about time to look into it.

Essentially, active FTP works fine - I have unprivileged ports open for
ftp-data for this. Passive FTP, however, works fine... sometimes.

Interestingly enough, using the example in Andrew's email:

> $ftp
> ftp> pas
> Passive mode on.
> ftp> open metalab.unc.edu
> Connected to metalab.unc.edu

Everything worked fine. But doing the same thing to a different site got me
this:

$ ftp
ftp> pas
Passive mode on.
ftp> open ftp.nessus.org
Connected to www.nessus.org.
220 www.whitehats.com FTP server (Version 6.4/OpenBSD) ready.
Name (ftp.nessus.org:marcm): anonymous
331 Guest login ok, type your name as password.
Password:
230 Guest login ok, access restrictions apply.
Remote system type is UNIX.
Using binary mode to transfer files.
ftp> ls
227 Entering Passive Mode (199,181,107,23,231,245)
ftp: connect: No route to host

Uh-oh.

Now I don't think this is related to IP Masquerading because I ran the above
test on the IP Masqing server itself. In theory, the IP Chains shouldn't be
interfering in the passive ftp because, well, it's passive ftp (active works
fine, BTW), plus nothing appears in my logs.

So any thoughts? My guess is it's a problem on the other end, but I'd love
some input.

Marc

--
Marc Matteo
Online Technology Leader
http://www.sacbee.com
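
Added example, not part of the original post: in passive mode the client opens the data connection itself, to the address and port the server returns in the 227 reply, so decoding that reply shows which outbound connection to look for in the ipchains rules and logs. The function names and the control-peer address are assumptions made for illustration; only the 227 line comes from the session above.

```python
import ipaddress
import re

# RFC 959 reply 227 carries six decimal fields: h1,h2,h3,h4,p1,p2
PASV_RE = re.compile(
    r"^227 .*?\((\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3})\)"
)


def parse_pasv(reply):
    """Return (ip, port) the client will connect to for the data channel."""
    m = PASV_RE.match(reply.strip())
    if not m:
        raise ValueError("not a 227 passive-mode reply: %r" % reply)
    nums = [int(n) for n in m.groups()]
    if any(n > 255 for n in nums):
        raise ValueError("field out of range in %r" % reply)
    ip = ipaddress.IPv4Address(".".join(str(n) for n in nums[:4]))
    port = nums[4] * 256 + nums[5]  # p1 is the high byte, p2 the low byte
    return ip, port


def check_data_target(reply, control_peer):
    """List findings to compare against firewall rules and logs."""
    ip, port = parse_pasv(reply)
    findings = ["data connection: outbound TCP to %s:%d" % (ip, port)]
    if port < 1024:
        findings.append("port is privileged (<1024): unusual for passive data")
    if ip != ipaddress.IPv4Address(control_peer):
        # A client should not blindly follow a PASV address that is not the
        # server it logged in to; it is also a common sign of NAT on the far end.
        findings.append("address differs from control peer %s" % control_peer)
    if ip.is_private or ip.is_loopback or ip.is_unspecified:
        findings.append("address is not publicly routable")
    return findings


if __name__ == "__main__":
    # 227 line copied from the session in the post
    reply = "227 Entering Passive Mode (199,181,107,23,231,245)"
    # Constructed placeholder: the post does not show the control connection's IP
    control_peer = "192.0.2.10"
    for line in check_data_target(reply, control_peer):
        print(line)
```

The real control-connection address can be read from `netstat -n` while the FTP session is open and passed in place of the placeholder.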

This archive was generated by hypermail 2b29 : Fri Feb 25 2000 - 14:29:10 PST