Re: [SLE] susefirewall2 and ftp

On Wed, 2005-12-07 at 06:36 +0100, wavesurf@xxxxxxxxx wrote:
> Op woensdag 7 december 2005 04:03, schreef John Scott:
> > On 12/6/05, wavesurf@xxxxxxxxx <wavesurf@xxxxxxxxx> wrote:
> > > Hello,
> > >
> > > I have setup "vsftpd" and it works fine with the firewall off.
> > > The problem is, that there is no option, in the service, in the
> > > firewall-yast, for FTP?
> > > What am i missing?
> > > --
> > > thanks,
> > > Gerrit Jan Eldering
> > >
> > > KDE-versie: 3.5.0 Level "a"
> > > Systeem: SuSELinux 10.0
> > > Kernel: 2.6.13-15-default
> >
> > In susefirewall-yast, click allowed services then advanced and add
> > then add 21 to the tcp list of ports.
> >
> > John
>
>
> I did so, but that won't work, it's very strange...
> --
>
> --
>
> Gerrit Jan Eldering
>
> KDE-versie: 3.5.0 Level "a"
> Systeem: SuSELinux 10.0
> Kernel: 2.6.13-15.7-default
>
Hi Gerrit,

I had a similar issue before,
Firstly if you have one network interface, you must set the interface as
an external, then you must disable protect from internal, because it
will override the external settings, external being the same interface
as internal in my case. enable ports 20 and 21 remember to type the port
numbers in space separated and no commas. (just a space.)

Enable the firewall then from a local shell run
#netstat --tulpen

post the output which shows what services are running and which ports.

Then port scan your box to see if the port is available.

#nmap <your-ip>

which will show which ports are available.
post the output as well,

does your /etc/xinetd.d/vsftpd file look like this?

service ftp
{
# server_args =
# log_on_success += DURATION USERID
# log_on_failure += USERID
# nice = 10
disable = yes
socket_type = stream
protocol = tcp
wait = no
user = root
server = /usr/sbin/vsftpd
}


and this is a copy of my vsftp.conf file which is just for anonymous
connections.

chadlap:~ # grep -v ^# /etc/vsftpd.conf

dirmessage_enable=YES
anonymous_enable=YES
anon_world_readable_only=YES
syslog_enable=YES
connect_from_port_20=YES
pam_service_name=vsftpd


keep posting... :')

Cheers
Chadley













--
Check the headers for your unsubscription address
For additional commands send e-mail to suse-linux-e-help@xxxxxxxx
Also check the archives at http://lists.suse.com
Please read the FAQs: suse-linux-e-faq@xxxxxxxx

Relevant Pages

  • Re: Publish Web Server behind SBS 2003 Standard
    ... Microsoft CSS Online Newsgroup Support ... When opening a new thread via the web interface, ... |> Method 2: Different ports ... |> "Network Connection". ...
    (microsoft.public.windows.server.sbs)
  • Re: Name Mangling in SystemVerilog (Issues for synthesis / P&R sims)
    ... Putting a Verilog wrapper around your SV subsystem gives ... name mangling of the ports by synthesis. ... want an interface to hook it to your SV testbench. ... I generally do that with a completely separate interface ...
    (comp.lang.verilog)
  • Re: my future telephones [telecom]
    ... The short answer to the cost question is that I spent way too much ... I decided to use my existing Cisco routers for POTS ports since I was ... already familiar with the management interface. ... router comes back up. ...
    (comp.dcom.telecom)
  • Re: Trunking on gigastac
    ... that are all daisy chained via their gig ports. ... introduce 3 new vlans as there is only vlan 1. ... interface FastEthernet0/1 ... snmp-server community private RW ...
    (comp.dcom.sys.cisco)
  • Re: troubles with ng_fec on -current
    ... >>real interface as the MAC address for the virtual and all other ports ... The ng_fec reprograms MAC addresses of all ports ... Add ports to the bundle. ... the hardware MAC filters reconfiguration. ...
    (freebsd-net)