ftp refused to ftp.suse.com
My turn to ask a stupid question. I am currently running 7.3 with SuSEfirewall2 v2.1 on an old 486 as firewall/router. From a machine on the internal net I can ftp to anywhere (tested 2 locations in town, another in the country (New Zealand), and one in USA), but trying to connect to ftp.suse.com gives "connection refused". ftp.suse.de is fine too. Funnily enough, if I try on the firewall machine, it works. I enabled FW_LOG_DROP_CRIT="yes" FW_LOG_DROP_ALL="yes" but no dropped packets are logged to /var/log/firewall. Just to make sure:
telnet ftp.suse.com 21 Trying 202.58.118.12... telnet: connect to address 202.58.118.12: Connection refused Exit 1
The setup uses: FW_MASQUERADE="yes" FW_MASQ_NETS="x.x.x.x/x" FW_PROTECT_FROM_INTERNAL="yes" FW_AUTOPROTECT_SERVICES="yes" FW_SERVICES_EXT_TCP="" FW_SERVICES_EXT_UDP="" FW_ALLOW_INCOMING_HIGHPORTS_TCP="yes" [this turns out to be irrelevant] FW_ALLOW_INCOMING_HIGHPORTS_UDP="yes" ["] FW_SERVICE_AUTODETECT="no" FW_SERVICE_DNS="no" FW_SERVICE_DHCLIENT="no" FW_SERVICE_DHCPD="no" FW_SERVICE_SQUID="no" FW_SERVICE_SAMBA="no" FW_FORWARD="" FW_FORWARD_MASQ=".... (does not contain ports 20, 21 anywhere)" FW_REDIRECT="" FW_KERNEL_SECURITY="yes" FW_ALLOW_PING_FW="yes" FW_ALLOW_PING_DMZ="no" FW_ALLOW_PING_EXT="yes" FW_ALLOW_FW_TRACEROUTE="yes" FW_ALLOW_FW_SOURCEQUENCH="yes" FW_ALLOW_FW_BROADCAST="no" FW_IGNORE_FW_BROADCAST="yes" FW_ALLOW_CLASS_ROUTING="no" Am I blind/stupid/etc or is this a known or as of yet unknown issue? Does ftp.suse.com have a built-in loser detection for people behind SuSE firewalls? Thanks, Volker -- Volker Kuhlmann is possibly list0570 with the domain in header http://volker.orcon.net.nz/ Please do not CC list postings to me.
participants (1)
-
Volker Kuhlmann