On Thu, 2005-12-08 at 10:40 -0500, Damon Register wrote:
wavesurf@planet.nl wrote:
Maby you will look here to see what the problem is;
[gerritjanftp] FTP response: Client "123.123.123.123", "227 Entering Passive Isn't that the key? You are using passive mode. I must be missing something here. I have been using vsftpd for a few years with SuSE and never had this much trouble. I too have two NICs and am using SuSEfirewall2 to make the computer a NAT router for my home net and even in a lab at work. Like you I am using vsftpd. I am certainly no ftp expert but I believe that passive mode uses other high ports and I think I remember they are randomly selected. For that reason I use ftp only in active mode in order to avoid that issue with the firewall. You are getting connected so the firewall is letting you use the port 21. I have no idea how to get the firewall to deal with the other high ports used for passive so that is why I stayed with the active mode. With some clients that I use, I have to set the option for active mode only.
As a side point, I haven't seen anyone mention tampering with /etc/sysconfig/SuSEfirewall2. That's where I always go to tamper with things not covered by YaST
Damon Register
The high port option that I used in Suse 7 8 has or will soon be depreciated in SuSEFirewall2. It is still available in the file /etc/sysconfig/SuSEFirewall2 but it didn't seem to make much difference here. BUt you can try it, FW_ALLOW_INCOMING_HIGHPORTS_TCP="ftp-data" Thats why I did not mention it earlier, but what I posted earlier should work, also If you can turn off masquerade networks, Chadley