Sylvester wrote:
He never mentioned if it was susefirewall. Anyway, those are inbound;
If someone didn't mention the type of his firewall, it's IMO best choice to assume he's using SUSEFirewall, at least while he's posted to the opensuse mailing list.
When the client sends "PASV", the server responds by opening a random (or configured by PassivePorts) port. Referring to this port as "$P".
The server then sends "PORT $P" back to client, which then connects to the server on port $P.
That is passive mode as far as I understand.
It's still doesn't change the fact that it can be solved on SeSEfirewall like this: /etc/sysconfig/SuSEfirewall2 # Enter all ports or known portnames below, seperated by a space. # TCP services (e.g. SMTP, WWW) must be set in FW_SERVICES_*_TCP, and # UDP services (e.g. syslog) must be set in FW_SERVICES_*_UDP. # e.g. if a webserver on the firewall should be accessible from the internet: # FW_SERVICES_EXT_TCP="www" # e.g. if the firewall should receive syslog messages from the dmz: # FW_SERVICES_DMZ_UDP="syslog" # For IP protocols (like GRE for PPTP, or OSPF for routing) you need to set # FW_SERVICES_*_IP with the protocol name or number (see /etc/protocols) # # Format: space separated list of ports, port ranges or well known # service names (see /etc/services) # # Examples: "ssh", "123 514", "3200:3299", "ftp 22 telnet 512:514" # FW_SERVICES_EXT_TCP="ftp" Cheers Jan -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org