Re: IPTables configuration

Eul_Bofo a écrit :

Mind you, I'm definitely not a specialist in these affairs. I'm happy Nat
is working and all my familly's computers can share the DSL connection,
but I would need some advices to understand more and tweak my
configuration. The problem is all the documentations I read on iptables
were way too theoretic for me.

I have the feeling that many people trying to use iptables lack
theoretic knowledge of how it works and just throw rules without knowing
exactly what they do. I personnaly would not be able to use iptables if
I did not have good knowledge of its theory of operation.

This is what I get sometimes when I upload several files to my web page
(gFTP output, but the problem is similar on ftp and Filezilla) :

SIZE /fichiers/echange/algebre/01-ensembles.pdf

213 221684

227 Entering Passive Mode (212,27,63,3,107,150).
REST 221684

500 'REST': command unrecognized.
Impossible de télécharger /mnt/travail/TeX/Devoirs_et_Exercices/Exercices/
Arnaudies/algebre/decoupage/01-ensembles.pdf de Système de fichiers local
Déconnexion de l'hôte
Don't have a clue what is going on. Maybe it's an error from my
provider... ???

It seems that this server does not support the REST command. Here is the
description of this command in RFC 959 which defines the FTP protocol :


The argument field represents the server marker at which
file transfer is to be restarted. This command does not
cause file transfer but skips over the file to the specified
data checkpoint. This command shall be immediately followed
by the appropriate FTP service command which shall cause
file transfer to resume.

I wonder why your FTP client wants to use this command. If you just add
or replace files on the server, it should not be needed. Your client
sends a SIZE command to get the size of a file (221684, that's not so
big) just before and use the returned value in the REST command, so I
guess that it tries to append the file. Is this the expected behaviour ?

Anyway this seems different from what you wrote in your previous post
about being automatically disconnected after some time.

PS : c'est dommage de s'embêter à communiquer en anglais alors qu'il y a
des forums francophones.