Mailinglist Archive: opensuse-security (757 mails)

< Previous Next >
RE: [suse-security] probs with ftp-masquerading
  • From: "OKDesign oHG Security Administrator" <security@xxxxxxxxxxx>
  • Date: Tue, 22 Jan 2002 08:24:09 +0100
  • Message-id: <GFENKFFEGFMPFOMBKMCMMEJBCFAA.security@xxxxxxxxxxx>
Okay,

I've now learned a lot of security-wisdom and that the SuSE-firewall 2 is a
damned good tool (something I already knew).
But my problem is still unsolved. For any reasons ftp-masquerading doesn't
work.
I tried what Ralf recommended, but the two iptables-commands didn't have any
result (okay, maybe they had, but they didn't enable ftp-masquerading).
I also looked for the modules ip_conntrack_ftp and ip_nat_ftp as GertJan
told me. I had no luck to find the first one anywhere on my system although
the FW-Packe is installed. The second one is there and I did an insmod, but
this also didn't solve the problem.
Ah yes, Lars pointed me to an error I made. Of course I didn't install my
system from the crab, but from the scratch. Funny to image a crab with
SuSE-Linux tied on the back :-)
To Roman: Of course you are right, but as I already mentioned, I have to
live with DAUs in my LAN, and it's hard enough to have my phone actually
ringing like hell because this damn ftp doesn't work. By now I only answer
"I'm working on it and I'll send a message to all users when it's working
again..."; but to imagine to have to explain all users what FTP-passive-mode
is and how and why it must be used, is as hard as to imagine that my
mother-in-law is going to stay for more than one week (one week is bad
enough, but more will ruin my nerves *sigh*). I really don't know which one
I would prefer if I had only these two choices...

Anyway, could someone help me in solving my problem ? I'm sure out there on
this list are lots of iptables-freaks knowing nearly all tricks one can do
with it and it should be no big problem for them to find out how to enable
this ftp-masquerading.

Thanks in advance

Stephan


< Previous Next >
Follow Ups