-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Monday, 2011-05-02 at 13:17 +0200, Togan Muftuoglu wrote:
If you are using vsftpd,then have a look at the service file to configure it with SuSEfirewall2 and then use the service name in FW_CONFIGURATIONS_WHATEVER_ZONE_YOU_WANT
/etc/sysconfig/SuSEfirewall2.d/services/vsftpd
I did look into that directory, but looking for "ftp", not "vsftpd": I did not notice the entry. That file contains: ## Name: vsftpd Server ## Description: Opens ports for vsftpd Server. # space separated list of allowed TCP ports TCP="ftp 30000:30100" # space separated list of allowed UDP ports UDP="" # space separated list of allowed RPC services RPC="" # space separated list of allowed IP protocols IP="" # space separated list of allowed UDP broadcast ports BROADCAST="" Instead of replacing that for my configuration, what I did was change one line: FW_TRUSTED_NETS="192.168.X.Y,tcp,ftp 192.168.X.Y,tcp,ftp-data 192.168.X.Y,tcp,30000:30100" Just the last part. With that change now I have both passive and extended passive modes working. What I do not know (the client I use doesn't have it) is if active would work, my guess is "no". I wonder why "nf_conntrack_ftp" doesn't do it. - -- Cheers, Carlos E. R. (from 11.2 x86_64 "Emerald" at Telcontar) -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.12 (GNU/Linux) iEYEARECAAYFAk2/A5oACgkQtTMYHG2NR9X32gCfak5L4OwaoGYd9vs9vM8lzgks 4mgAniu9kqQMKa42YQU4/EOV5g97/ZUD =2HT9 -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org