ftp from Red Hat AS 4.4 to Open VMS System

Troy Knabe knabe at 4j.lane.edu
Tue Dec 12 16:16:01 UTC 2006


This iptables entry works for what I am doing.

Thanks,
-Troy

Gaddis, Jeremy L. wrote:
> On 12/11/06, Troy Knabe <knabe at 4j.lane.edu> wrote:
>> Thanks to everyone who responded.  When you do an ls or dir on a remote
>> host, it creates a "new" connection back to the server, so it is not
>> persistent.  It appears to be grabbing a random port in the 53*** area.
> 
> Such is the nature of the FTP protocol.
> 
>> Is there syntax in iptables to allow all ports from a host over port 
>> 1024?
> 
> Try "iptables -A INPUT -p tcp -s A.B.C.D/255.255.255.255 --dport
> 1024:65535 -j ACCEPT"
> 
>> I also had to issue the *passive* command once connected before I could
>> run an ls or dir.
> 
> "passive" indicates that the FTP client indicates the data connection
> to the server, while using "active" mode (normally the default) the
> FTP server initiates the data connection back to the client (which can
> present problems if there is a firewall active).
> 
> -j
> 
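The exchange above turns on how FTP picks its data port, so here is an added example (not part of the original thread) that decodes the port announced on the control channel and compares the thread's blanket rule with a simplified model of a connection-tracking FTP helper, which admits only that one announced port. The function names, the control-channel lines and all addresses are assumptions made for illustration.

```shell
# Added example; control-channel lines and addresses below are constructed.

# Decode the "h1,h2,h3,h4,p1,p2" tuple from an active-mode PORT command or a
# passive-mode 227 reply. Prints "<mode> <ip> <port>"; returns 1 on bad input.
ftp_data_endpoint() {
    case $1 in
        "PORT "*)        _mode=active;  _t=${1#PORT } ;;
        "227 "*"("*")"*) _mode=passive; _t=${1#*\(}; _t=${_t%%\)*} ;;
        *) return 1 ;;
    esac
    _t=$(printf '%s' "$_t" | tr -d '\r ')
    case $_t in *[!0-9,]*|*,,*|,*|*,) return 1 ;; esac
    _ifs=$IFS; IFS=,; set -- $_t; IFS=$_ifs
    [ $# -eq 6 ] || return 1
    for _n in "$@"; do
        case $_n in 0?*|????*) return 1 ;; esac   # no leading zeros, max 3 digits
        [ "$_n" -le 255 ] || return 1
    done
    # The data port is p1*256 + p2, which is why it looks random to the user.
    echo "$_mode $1.$2.$3.$4 $(( $5 * 256 + $6 ))"
}

# Simplified model of what a connection-tracking FTP helper permits in active
# mode: only a connection from the server to the one port the client announced.
# Usage: helper_allows PORT_LINE SERVER_IP SRC_IP DPORT
helper_allows() {
    _ep=$(ftp_data_endpoint "$1") || return 1
    [ "${_ep%% *}" = active ] && [ "$3" = "$2" ] && [ "$4" -eq "${_ep##* }" ]
}

# The rule from the thread: any TCP port 1024-65535, provided the source matches.
# Usage: thread_rule_allows SERVER_IP SRC_IP DPORT
thread_rule_allows() {
    [ "$2" = "$1" ] && [ "$3" -ge 1024 ] && [ "$3" -le 65535 ]
}

# Constructed sample: the client announces 192.0.2.10 port 208*256+147.
port_line='PORT 192,0,2,10,208,147'
server=198.51.100.7
ftp_data_endpoint "$port_line"
for dport in 53395 6000; do
    helper_allows "$port_line" "$server" "$server" "$dport" && h=accept || h=drop
    thread_rule_allows "$server" "$server" "$dport" && r=accept || r=drop
    echo "dport $dport: helper model=$h, thread rule=$r"
done
```

On a netfilter firewall the narrower behaviour comes from loading the FTP connection-tracking helper module and accepting ESTABLISHED,RELATED traffic, rather than from per-port rules.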



