Firewall issues with setting up vsftp server

Terry Linhardt linhardt at swbell.net
Sat Dec 11 16:17:30 UTC 2004


I am attempting to set up an ftp server on an internal network. (All 
hosts are 192.168.1.*)  I am using vsftp, but stumbling over an iptables 
related issue.  Also, this is Fedora Core 3.

vsftp is running as a stand-alone daemon. I used the "security level" 
icon to permit ftp traffic on the server. At that point I CAN connect 
from a remote client to the ftp server. I can log in properly. I can cd 
to a directory of choice. However, as soon as I try to download data (or 
even do an ls), I get a message of "entering passive mode"  and then "no 
route to host" error message. This problem can be eliminated by going to 
/etc/rc.d/init.d and doing an "iptables stop", which turns off all 
firewall features. However, as soon as I reactivate the iptables I once 
again get the "no route to host" message when I try to transfer data.

I am guessing that I am getting blocked by a closed port.  I've done 
some research, and generally understand the concept, but don't 
understand how to get past what appears to be a closed port issue 
without opening up a large range of ports. While that may not be 
distasteful on my private network, it is not desirable if I eventually 
make this machine available to the outside world.

Any guidance would be appreciated.

Thanks...Terry
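
Added example, not part of the original post: in passive mode the server's 227 reply names the port the client must open for the data connection, and a firewall that admits only port 21 refuses it. The sketch below decodes that port and prints rules for a narrow pinned range, assuming vsftpd's pasv_min_port and pasv_max_port are set to 50000 and 50010 (constructed values, as are the chain name and the sample reply).

```shell
#!/bin/sh
# Added example. Port range, chain name and sample reply are constructed.
PASV_MIN=50000   # assumes vsftpd.conf has pasv_min_port=50000
PASV_MAX=50010   # assumes vsftpd.conf has pasv_max_port=50010
SAMPLE_REPLY='227 Entering Passive Mode (192,168,1,10,195,80)'

# Decode the data port from a 227 reply: (h1,h2,h3,h4,p1,p2) -> p1*256 + p2.
pasv_port() {
    nums=$(printf '%s\n' "$1" | sed -n 's/^227 .*(\([0-9,]*\)).*/\1/p')
    [ -n "$nums" ] || return 1
    old_ifs=$IFS; IFS=,
    set -- $nums
    IFS=$old_ifs
    [ $# -eq 6 ] || return 1
    [ "$5" -le 255 ] 2>/dev/null && [ "$6" -le 255 ] 2>/dev/null || return 1
    echo $(( $5 * 256 + $6 ))
}

# Succeeds only if the port named in the reply lies inside the pinned range,
# i.e. a firewall opening just PASV_MIN..PASV_MAX would admit the data connection.
data_port_allowed() {
    port=$(pasv_port "$1") || return 2
    [ "$port" -ge "$PASV_MIN" ] && [ "$port" -le "$PASV_MAX" ]
}

# Print (do not run) rules admitting the control port and the pinned range.
# -I inserts ahead of any existing reject rule in the chain.
emit_rules() {
    chain=${1:-INPUT}            # assumption: substitute your input chain
    net=${2:-192.168.1.0/24}     # internal network from the post
    echo "iptables -I $chain -p tcp -s $net --dport 21 -j ACCEPT"
    echo "iptables -I $chain -p tcp -s $net --dport $PASV_MIN:$PASV_MAX -j ACCEPT"
}

pasv_port "$SAMPLE_REPLY"    # prints 50000
emit_rules
```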



