On Tuesday 23 April 2002 17:40, Michael Garabedian wrote:
It has something to do with the ports... Passive and active use two different ports, Find out what passive uses and make sure it is set up to accept it.
Active ftp means that the data connection is established from port 20 on the server to a high port (> 1023) on the client. This means that the client has to open up its firewall to high port connections, which can potentially be a security hole. Passive ftp on the other hand means that the data connection is established from the client to a high port on the server. This means that the client never has to accept inbound connections, and therefore won't have to open his firewall. On the other hand, the server will have to open *its* high ports. Theoretically, you should only have to put "ftp-data" in the "FW_ALLOW_INCOMING_HIGHPORTS_TCP" section of firewall.rc.config, but that has never worked for me. Put "yes" there and everything should work as intended, though make sure you don't have other things running on the server that listens to high ports, such as X. regards Anders