On 11/15/2014 01:13 PM, Paul Groves wrote:
Hi All,
I have set up an anonymous FTP share on my FreeNAS box according to the following instructions:
http://youtu.be/wySXaTMMLoA?t=4m23s
This works fine when I access is over LAN in Dolphin and Firefox using ftp://192.168.0.10/
I have forwarded port 21 to 192.168.0.10 on my router, however when I try to access ftp://myinternetip/ it does not connect. I am faced with a loading icon for up to 10 mins in firefox before it times out and Dolphin just says it could not connect to the server after about 30 seconds.
I am able to access my owncloud successfully though. Any ideas?
FTP is an archaic protocol and one of my great hates. We are used to every other protocol, http, smtp and so on, using just the one channel. This is not the case for FTP, it needs two channels, it separates out command and control. Sadly the second channel/back channel is determined at run time. <quote src="http://www.ncftp.com/ncftpd/doc/misc/ephemeral_ports.html"> Unless a client program explicitly requests a specific port number, the port number used is an ephemeral port number. Ephemeral ports are temporary ports assigned by a machine's IP stack, and are assigned from a designated range of ports for this purpose. </quote> Some smart FTP firewalls inspect the packet content to determine the data channel and set up a port opening for that. There *are* ways to set up FTP with a fixed -- or predetermined -- channel assignment, they are well documented, but PLEASE do not take YouTube to be an authority in this matter! Please see the difference between "Active" and "Passive" FTP. http://slacksite.com/other/ftp.html Zeigler's book "Linux Firewalls" may be old, my copy has a copyright date of 2000, and is based on ipchains rather than iptables, but it is still authoritative about the principles. The second and later editions & revisions deal with iptables. Q.V. http://www.amazon.com/exec/obidos/ASIN/0735710996/ Later editions: http://www.amazon.com/Linux-Firewalls-Edition-Steve-Suehring/dp/0672327716 http://twitpic.com/clc8p0 http://digitalbooksonlinenow.com/Linux-Firewalls/p109957/?id=78 http://www.amazon.com/Linux-Firewalls-Edition-Steve-Suehring-ebook/dp/B000RH... Also http://www.amazon.com/Red-Linux-Firewalls-Bill-McCarty/dp/0764524631 -- A: Yes. > Q: Are you sure? >> A: Because it reverses the logical flow of conversation. >>> Q: Why is top posting frowned upon? -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org