[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]

Re: IPchains question

From: "Paul Rushing" <rushing shreve net>
To: <redhat-install-list redhat com>
Cc: <bchand squashduck com>
Subject: Re: IPchains question
Date: Sun, 4 Jul 1999 21:32:44 -0500

just out of curiosity are you loading the ip_masq_ftp module??

if not, then as root:  modprobe ip_masq_ftp

now try a non-passive ftp session from one of the clients.

works for me, i can use that brain dead windows command line ftp program
now.

-----Original Message-----
From: Brian Hand <bchand squashduck com>
To: redhat-install-list redhat com <redhat-install-list redhat com>
Date: Sunday, July 04, 1999 4:17 PM
Subject: Re: IPchains question


>Just as a quick clairifcation, passive mode works, i.e netscape.  it is
>command line ftp that gets screwed up.
>
>Brian
>
>
>On Sun, 4 Jul 1999, Paul B. Brown wrote:
>
>>
>> Hummm . . . .
>>
>> Port 20 = data connection
>> Port 21 = control connection (data connection as well in passive mode)
>>
>> If the data connection to port 20 is not being allowed then you have a
>> problem Houston.  My idea here is that the data connection is initiated
>> from the remote site, maybe?  If so, you're not allowing the connection.
>> Anyone else have any thoughts on this?
>>
>> Paul
>>
>> -------------------------------------------------------------------------
--
>> Paul B. Brown                          pbrown btechnet com
>> President
>> Brown Technologies Network, Inc.       http://www.btechnet.com/
>>
>> Unix Systems Administration            "Sailing is a state of mind . . .
."
>> -------------------------------------------------------------------------
--
>>
>> On Sun, 4 Jul 1999, Brian Hand wrote:
>>
>> > Hello, I am using the following two ipchains commands to setup ip
>> > masquade on a 10.*.*.* network
>> >
>> > /sbin/ipchains -P forward DENY
>> > /sbin/ipchains -A forward -s 10.0.0.0/255.0.0.0 -j MASQ
>> >
>> > every thing works fine except for active ftp sessions,  can anyone
offer
>> > the command you use to allow active ftp connections back in.  I realize
>> > that passive does work, however I have many winblows and macincraps on
the
>> > private network and they are the ones I need to get working.
>> >
>> > Thanks
>> > Brian
>> >
>> >
>> >
>> >
>> > --
>> >   PLEASE read the Red Hat FAQ, Tips, Errata and the MAILING LIST
ARCHIVES!
>> > http://www.redhat.com http://archive.redhat.com
>> >          To unsubscribe: mail redhat-install-list-request redhat com
with
>> >                        "unsubscribe" as the Subject.
>> >
>>
>>
>> --
>>   PLEASE read the Red Hat FAQ, Tips, Errata and the MAILING LIST
ARCHIVES!
>> http://www.redhat.com http://archive.redhat.com
>>          To unsubscribe: mail redhat-install-list-request redhat com with
>>                        "unsubscribe" as the Subject.
>>
>
>
>--
>  PLEASE read the Red Hat FAQ, Tips, Errata and the MAILING LIST ARCHIVES!
> http://www.redhat.com http://archive.redhat.com
>         To unsubscribe: mail redhat-install-list-request redhat com with
>                       "unsubscribe" as the Subject.
>

Follow-Ups:
- Kernel panic after PC upgrade
  - From: Shawn Gu
- Re: IPchains question
  - From: Brian Hand

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]