Mailinglist Archive: opensuse-security (757 mails)

< Previous Next >
Re: [suse-security] probs with ftp-masquerading
  • From: "Azman Salleh" <azmansal@xxxxxxxxxxxxxxxxxx>
  • Date: Wed, 23 Jan 2002 17:00:44 +0800
  • Message-id: <001b01c1a3ec$713d80f0$150a0a0a@xxxxxxxxxx>
right...

azman
----- Original Message -----
From: Peer Stefan <stefan.peer@xxxxxxxx>
To: 'Azman Salleh' <azmansal@xxxxxxxxxxxxxxxxxx>; <suse-security@xxxxxxxx>
Sent: Wednesday, January 23, 2002 4:53 PM
Subject: AW: [suse-security] probs with ftp-masquerading


ftp-data is port 20, ftp control port is 21.

regards,
stefan

-----Urspr√ľngliche Nachricht-----
Von: Azman Salleh [mailto:azmansal@xxxxxxxxxxxxxxxxxx]
Gesendet: Mittwoch, 23. Jänner 2002 02:38
An: suse-security@xxxxxxxx
Betreff: Re: [suse-security] probs with ftp-masquerading


I got similar problem last time. Found out that I had to let through
port "ftp-data" as well as "ftp".
I think they are ports 21 and 22 respectively. My original firewall config
only let thru
port "ftp", that's why I could connect to an ftp server, but could not get a
dir listing.

azman

----- Original Message -----
From: OKDesign oHG Security Administrator <security@xxxxxxxxxxx>
To: <suse-security@xxxxxxxx>
Sent: Tuesday, January 22, 2002 3:24 PM
Subject: RE: [suse-security] probs with ftp-masquerading


> Okay,
>
> I've now learned a lot of security-wisdom and that the SuSE-firewall 2 is
a
> damned good tool (something I already knew).
> But my problem is still unsolved. For any reasons ftp-masquerading doesn't
> work.
> I tried what Ralf recommended, but the two iptables-commands didn't have
any
> result (okay, maybe they had, but they didn't enable ftp-masquerading).
> I also looked for the modules ip_conntrack_ftp and ip_nat_ftp as GertJan
> told me. I had no luck to find the first one anywhere on my system
although
> the FW-Packe is installed. The second one is there and I did an insmod,
but
> this also didn't solve the problem.
> Ah yes, Lars pointed me to an error I made. Of course I didn't install my
> system from the crab, but from the scratch. Funny to image a crab with
> SuSE-Linux tied on the back :-)
> To Roman: Of course you are right, but as I already mentioned, I have to
> live with DAUs in my LAN, and it's hard enough to have my phone actually
> ringing like hell because this damn ftp doesn't work. By now I only answer
> "I'm working on it and I'll send a message to all users when it's working
> again..."; but to imagine to have to explain all users what
FTP-passive-mode
> is and how and why it must be used, is as hard as to imagine that my
> mother-in-law is going to stay for more than one week (one week is bad
> enough, but more will ruin my nerves *sigh*). I really don't know which
one
> I would prefer if I had only these two choices...
>
> Anyway, could someone help me in solving my problem ? I'm sure out there
on
> this list are lots of iptables-freaks knowing nearly all tricks one can do
> with it and it should be no big problem for them to find out how to enable
> this ftp-masquerading.
>
> Thanks in advance
>
> Stephan
>
>
> --
> To unsubscribe, e-mail: suse-security-unsubscribe@xxxxxxxx
> For additional commands, e-mail: suse-security-help@xxxxxxxx


--
To unsubscribe, e-mail: suse-security-unsubscribe@xxxxxxxx
For additional commands, e-mail: suse-security-help@xxxxxxxx


< Previous Next >
References