RE: [suse-security] Configuring SuSEfirewall2 for FTP access
Actually it is the other way round. You machine should have its high ports open and the server should have ports 20 and 21 open. Noah.
-----Original Message----- From: remote [mailto:remote@leat.ruhr-uni-bochum.de] Sent: 19 April 2004 12:38 To: SUSE-SECURITY Subject: Re: [suse-security] Configuring SuSEfirewall2 for FTP access
This is a transcript of my firewall log when I try to connect to ftp.suse.de :
Apr 19 11:35:38 router kernel: SuSE-FW-DROP-DEFAULT IN=eth0 OUT=eth1 SRC=AAA.BBB.CCC.DDD DST=195.135.221.130 LEN=48 TOS=0x00 PREC=0x00 TTL=127 ID=1263 DF PROTO=TCP SPT=1802 DPT=38852 WINDOW=8192 RES=0x00 SYN URGP=0 OPT (020405B401010402)
Passive FTP is activated. The way I understood passive FTP the server is supposed to have its higher ports open, while the downloading computer only has to have ports 20 or 21 open. My /etc/sysconfig/SuSEfirewall does include a FW_FORWARD-rule which opens these ports to the entire net, FW_FORWARD =" AAA.BBB.CCC.0/6,0/0,tcp,20:21 "
however I don´t get any kind of FTP, neither upload nor download.
What´s wrong with my setup ?
Thanks,
Jörg
participants (1)
-
sematin@mtn.co.ug