[PLUG] passive FTP failing ...
Russell Senior
seniorr at aracnet.com
Thu Aug 4 05:19:04 UTC 2005
I am running an anonymous ftp server on a public IP. Recently,
passive-mode FTP transfers are failing. This seems to include
browsers that seem to do passive mode by default, but I can replicate
the behaviour with /usr/bin/ftp by ensuring passive mode is on. With
passive mode off, it works just fine. My iptables rules look like
this:

/sbin/iptables -A ftp-input -p tcp --syn --dport 21 -j ACCEPT
/sbin/iptables -A ftp-input -m state --state ESTABLISHED,RELATED -j ACCEPT
/sbin/iptables -A ftp-input -p tcp --syn -j DROP
/sbin/iptables -A ftp-input -p udp -j DROP
/sbin/iptables -A ftp-input -j ACCEPT

It is possible the failure started when I converted from 2.4.x to
2.6.11.x. I am going to look at the kernel possibility. Any other
pointers?
--
Russell Senior ``I have nine fingers; you have ten.''
seniorr at aracnet.com
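
How the ftp-input chain above treats the first inbound packet of a data connection, as an added example that is not part of the original post: a small Python model of the five rules run over constructed packets. It assumes the chain is traversed for traffic arriving at the server, and that conntrack labels the passive-mode data connection RELATED only when an FTP connection-tracking helper has parsed the control channel.

```python
# Added example: model of the five ftp-input rules. All packets are constructed.
from dataclasses import dataclass

@dataclass
class Packet:
    proto: str   # "tcp" or "udp"
    dport: int   # destination port on the server
    syn: bool    # True only for an initial SYN (what --syn matches)
    state: str   # conntrack state: NEW, ESTABLISHED or RELATED

# (predicate, target) pairs in the order the post lists the rules.
RULES = [
    (lambda p: p.proto == "tcp" and p.syn and p.dport == 21, "ACCEPT"),
    (lambda p: p.state in ("ESTABLISHED", "RELATED"), "ACCEPT"),
    (lambda p: p.proto == "tcp" and p.syn, "DROP"),
    (lambda p: p.proto == "udp", "DROP"),
    (lambda p: True, "ACCEPT"),
]

def verdict(pkt):
    """Return (rule_number, target) for the first rule that matches."""
    for number, (matches, target) in enumerate(RULES, 1):
        if matches(pkt):
            return number, target
    raise AssertionError("unreachable: the last rule matches everything")

def pasv_data_syn(helper_active, port=50000):
    """Client's SYN to the port the server announced for passive mode.
    Assumption: without an FTP helper watching the control connection,
    conntrack has no expectation for this port and sees a NEW connection."""
    return Packet("tcp", port, True, "RELATED" if helper_active else "NEW")

def active_data_synack(port=20):
    """Active mode: the server dials out, so the first inbound data packet
    is a SYN-ACK on a connection conntrack is already tracking."""
    return Packet("tcp", port, False, "ESTABLISHED")

if __name__ == "__main__":
    cases = {
        "control SYN to port 21": Packet("tcp", 21, True, "NEW"),
        "active-mode data SYN-ACK": active_data_synack(),
        "passive data SYN, helper active": pasv_data_syn(True),
        "passive data SYN, no helper": pasv_data_syn(False),
    }
    for label, pkt in cases.items():
        number, target = verdict(pkt)
        print(f"{label:34s} rule {number} -> {target}")
```

In this model only the passive-mode SYN depends on the RELATED state; every other packet is accepted by rule 1 or by the ESTABLISHED half of rule 2.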