Mailinglist Archive: opensuse (4633 mails)

< Previous Next >
Re: [opensuse] Need Router Recommendation
  • From: John Andersen <jsa@xxxxxxxxxxxxxx>
  • Date: Tue, 23 Jan 2007 10:26:40 -0900
  • Message-id: <200701231026.46479.jsa@xxxxxxxxxxxxxx>
On Tuesday 23 January 2007 10:11, Greg Wallace wrote:
> On Tuesday, January 23, 2007 @ 12:08 AM, Darryl Gregorash wrote:
> >On 2007-01-22 21:31, Greg Wallace wrote:
> >> <snip>
> >>
> >> John Anderson mentioned that active ftp wasn't supported on his Netgear.
>
> I
>
> >> really don't know the difference between the two. My assumption is that
> >> limitation wouldn't cause me any inconvenience.
> >
> >http://slacksite.com/other/ftp.html
>
> Excellent description. I just wonder how often you'd run into a site that
> didn't support passive ftp. In any even, not having active ftp capability
> would seem to be a small drawback, at least in my case.
>
> Greg Wallace

Actually I found the article very misleading, and in placed, just flat wrong.

In describing passive ftp it says:
"The client will make both connections to the server, but one of them will be
to a random high port, which would almost certainly be blocked by a firewall
on the server side."

Random high ports? I think not.

The client will connect to a SPECIFIC port passed to it from the server, and
upon which the server has started listening.

There is nothing random about it.

Furthermore, ftp servers are not usually frontended with a firewall, at least
not linux/unix ftp servers.

Secondly, with any proper implementation of iptables in the server OR the
firewall, these so called "random" port assignments are easily tracked and
handled properly. My users have no problems using passive ftp from
behind the firewall/router running on SUSE (configured using Shorewall, but
other tools work as well).

--
_____________________________________
John Andersen
< Previous Next >
Follow Ups