RH firewall and VSFTP...

From: badwishSPAMMATUSORELLA@xxxxxxxxxxx (Yellowpecora)
Date: Wed, 24 May 2006 16:54:23 +0200

Hello everyone,

got a problem with the above mentioned.
Situation:
Server running RHEL4, fully updated, with SELinux disabled, and VSFTP
v2.0.1 active. Two ethernet interfaces, eth0 (connected to LAN) and eth1
(connected to the internet, with a public IP address).
The built-in system firewall is configured to have eth0 as a trusted
device, thus allowing all traffic, and WWW, SMTP, POP3, FTP as trusted
services.

The problem is that when one tries to connect to the ftp server from an
external address, it usually receives an authentication failure, or a
550 Permission Denied, or a 425 Couldn't estabilish connection error.
This happens from certain networks only (including of course the one
that absolutely needs to connect to this server :-( ).
Seldom, the problem affects connections coming from the LAN, too.

I have tried to set manually the ports to keep open (20 and 21 TCP) to
no avail.

Please also note that the other services (apache, qmail, and so on)
filtered through the same rule set, work fine.

The problem is completely resolved if the firewall is turned off.

Anyone has suggestions about this issue?

TIA

--
YP
.

Follow-Ups:
- Re: RH firewall and VSFTP...
  - From: Vic

Prev by Date: DVD's on Centos
Next by Date: Re: DVD's on Centos
Previous by thread: DVD's on Centos
Next by thread: Re: RH firewall and VSFTP...
Index(es):
- Date
- Thread

Relevant Pages

Re: Microsoft FTP Server problem on W2K?
... client (rather than another server, as in proxy transfer), the IP address ... port) currently in use on the control connection. ... >the remote FTP server was, at least at a TCP level, prepared to accept the ...
(microsoft.public.inetserver.iis.security)
Re: Outgoing POP3 email missing/lost/not received
... Funny thing is that I have had this ISP for 8 years and it has always been ... It looks like when you last ran CEICW, you set the ISP's mail server to: ... Internet Connection Wizard. ... After the wizard completes, the following network connection ...
(microsoft.public.windows.server.sbs)
Re: Cannot connect client to server 2003
... you need to reconfigure the IP schema of your SBS ... On the SBS 2003 Server open the Server Management console. ... On the Connection Type page, click Broadband, and then click Next. ... Alternate DNS server, type the IP addresses that are provided by your ISP ...
(microsoft.public.windows.server.sbs)
RE: Interrupted FtpWebRequest upload stream
... I have done some test on my side and I think the server is really ... FtpWebResponse response; ... disable the network connection "Local Area ... From the ftp server, ...
(microsoft.public.dotnet.framework)
Re: Accessing my home FTP server through a wireless router
... > printers and internet connection under WinXP, ... > from a DHCP server, so I use a redirector, DNS2GO. ... > I figured out how to open the port to access my webserver and it works fine. ... I really need to remotely access my FTP server from work! ...
(microsoft.public.inetserver.iis.security)