Re: ftp from Red Hat AS 4.4 to Open VMS System



This iptables entry works for what I am doing.

Thanks,
-Troy

Gaddis, Jeremy L. wrote:
On 12/11/06, Troy Knabe <knabe@xxxxxxxxxxx> wrote:
Thanks to everyone who responded. When you do an ls or dir on a remote
host, it creates a "new" connection back to the server, so it is not
persistent. It appears to be grabbing a random port in the 53*** area.

Such is the nature of the FTP protocol.

Is there syntax in iptables to allow all ports from a host over port 1024?

Try "iptables -A INPUT -p tcp -s A.B.C.D/255.255.255.255 --dport
1024:65535 -j ACCEPT"

I also had to issue the *passive* command once connected before I could
run an ls or dir.

"passive" indicates that the FTP client indicates the data connection
to the server, while using "active" mode (normally the default) the
FTP server initiates the data connection back to the client (which can
present problems if there is a firewall active).

-j


--
redhat-list mailing list
unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe
https://www.redhat.com/mailman/listinfo/redhat-list



Relevant Pages

  • understanding chkrootkit: sshd section
    ... Rhosts Authentication disabled, originating port will not be trusted. ... Secure connection to %.100s on port %hu refused%.100s. ... Warning: Remote host refused compression. ... Received RSA challenge from server. ...
    (comp.os.linux.security)
  • understanding chkrootkit: sshd section
    ... Rhosts Authentication disabled, originating port will not be trusted. ... Secure connection to %.100s on port %hu refused%.100s. ... Warning: Remote host refused compression. ... Received RSA challenge from server. ...
    (comp.security.unix)
  • Re: Possible BUG: Multiple HTTPrequests send from one includetext statement
    ... different program or Word converter to get the file. ... > fetched from a server via a HTTPRequest. ... > Host: localhost:8290 ... > Connection: Keep-Alive ...
    (microsoft.public.word.mailmerge.fields)
  • Re: Kerberos error KDC_ERR_BADOPTION
    ... Ran the same test again using the IP instead of the host name and got this: ... Reusing existing connection \n ... Server: Microsoft-IIS/6.0\r\n ... I suggest you use webfetch to perform a test and trace the rawdata of http ...
    (microsoft.public.inetserver.iis.security)
  • Re: Outgoing POP3 email missing/lost/not received
    ... Funny thing is that I have had this ISP for 8 years and it has always been ... It looks like when you last ran CEICW, you set the ISP's mail server to: ... Internet Connection Wizard. ... After the wizard completes, the following network connection ...
    (microsoft.public.windows.server.sbs)