Re: Linux Passive FTP Configuration
- From: Pascal Hambourg <boite-a-spam@xxxxxxxxxxxxxxx>
- Date: Thu, 10 Jul 2008 15:34:41 +0200
Fountain_spray a écrit :
2. So Linux IP filtering is effectively "AND'ed" with the network
firewall?
Obviously. How could it be otherwise ? If either filter drops a packet, that packet won't get through regarless the other filter accepted or would have accepted it.
3. I am now reading man iptables. We also have man ipchains.
Reading both. I would rather these did not exist,
it complicates the task of enabling passive FTP immensely.
iptables and ipchains being present does not mean that they are active.
iptables-save will tell if iptables is active. I do not remember about ipchains (too old).
4. How can I tell what RH kernel I have?
uname -a
5. I have not been able to get our Network Firewall Administrator to
do a sniffer trace on one server, let alone two.
I shall ask him to trace both Server A and Server B simultaneously.
I meant tnat you can do it yourself If you have root access on both servers - I guess this is required in order to setup proftpd. You do not need the firewall administrator.
6. Yes, I did restart proftpd on both Server A and Server B, and
still the PassivePort range is not used. Why?
I have no clue. Is the firewall doing NAT (address translation) ?
I defined the same PassivePort range on both servers. Bad idea?
It does not matter.
.
- Follow-Ups:
- Re: Linux Passive FTP Configuration
- From: Fountain_spray
- Re: Linux Passive FTP Configuration
- References:
- Linux Passive FTP Configuration
- From: Fountain_spray
- Re: Linux Passive FTP Configuration
- From: Fountain_spray
- Re: Linux Passive FTP Configuration
- From: Pascal Hambourg
- Re: Linux Passive FTP Configuration
- From: Fountain_spray
- Linux Passive FTP Configuration
- Prev by Date: Re: Linux Passive FTP Configuration
- Next by Date: Dynamic DNS
- Previous by thread: Re: Linux Passive FTP Configuration
- Next by thread: Re: Linux Passive FTP Configuration
- Index(es):
Relevant Pages
|
