Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email firstname.lastname@example.org
Re: [suse-security] FTP: can connect but cannot transfer data
From: timo (timo.ratyallgon.com)
Date: Wed Aug 27 2003 - 02:09:25 CDT
> This may be quite basic for some of you.
(Note: I am not an expert with this but I'll try to help.)
> I'm using my own firewall script on a Suse 8.2P box. See below.
Why not use SuSE8.2 firewall? (I had to ask)
> Clients can connect and login but when a command like LS or GET is given,
> nothing happens.
> It seems data transfer is not possible. It doesn't make a difference
> whether passive mode is used or not.
I won't go as far as to analyze your firewall script. I guess what you need is
to have the connection tracking module for ftp included in the modules and
then (probably) adjust your rules so that they can follow (ftp) connections.
I think the ftp_conntrack(?) module is able to follow how the ftp data
connections are opened. Besides, ftp just might need the ftp-data/udp channel
too, did you take care of that?
I would go with SuSEfirewall - it is pretty damn good, once you learn it.
In any case putting logging rules will help you find out what gets closed,
i.e. what happens during the ftp data connect initialization and why/in which
rule it does not get through.
Check the headers for your unsubscription address
For additional commands, e-mail: suse-security-helpsuse.com
Security-related bug reports go to securitysuse.de, not here