http://bugzilla.novell.com/show_bug.cgi?id=561647 http://bugzilla.novell.com/show_bug.cgi?id=561647#c1 Jozef Uhliarik <juhliarik@novell.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |CLOSED Resolution| |INVALID --- Comment #1 from Jozef Uhliarik <juhliarik@novell.com> 2010-02-09 16:01:39 UTC --- I would like inform you that there exist also YaST module for ftp. There you can open port 21 in SuSEfirewall2. Select Expert Settings -> checkbox "Open port in Firewall". There is exception for defined passive port range. If you define passive port range it is not open in firewall. Checkbox "Open port in Firewall" open only port 21: SuSEfirewall2 debug | grep ftp SuSEfirewall2: Setting up rules from /etc/sysconfig/SuSEfirewall2 ... SuSEfirewall2: using default zone 'ext' for interface eth0 iptables -A input_ext -m limit --limit 3/minute -j LOG --log-level warning --log-tcp-options --log-ip-options --log-prefix SFW2-INext-ACC-TCP -p tcp --dport ftp --syn iptables -A input_ext -j ACCEPT -p tcp --dport ftp iptables -A input_ext -m limit --limit 3/minute -j LOG --log-level warning --log-tcp-options --log-ip-options --log-prefix SFW2-INext-ACC-TCP -p tcp --dport ftp-data --syn iptables -A input_ext -j ACCEPT -p tcp --dport ftp-data ip6tables -A input_ext -m limit --limit 3/minute -j LOG --log-level warning --log-tcp-options --log-ip-options --log-prefix SFW2-INext-ACC-TCP -p tcp --dport ftp --syn ip6tables -A input_ext -j ACCEPT -p tcp --dport ftp ip6tables -A input_ext -m limit --limit 3/minute -j LOG --log-level warning --log-tcp-options --log-ip-options --log-prefix SFW2-INext-ACC-TCP -p tcp --dport ftp-data --syn ip6tables -A input_ext -j ACCEPT -p tcp --dport ftp-data SuSEfirewall2: batch committing... SuSEfirewall2: Firewall rules successfully set have a nice day -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.