LinuxSA Mailing list archives

  From: David Fitch <davidf@parachilna.com>
  To  : LinuxSA <linuxsa@linuxsa.org.au>
  Date: 08 May 2002 08:14:22 +0930

Re: Firewall and FTP'ing

On Wed, 2002-05-08 at 08:03, David Fitch wrote:
> On Tue, 2002-05-07 at 23:12, Michael Pearson wrote:
> > * David Fitch (davidf@parachilna.com) wrote:
> > > On Tue, 2002-05-07 at 18:17, Wayne Simes wrote:
> > > > I have opened up ports 20 and 21 to allow for ftp'ing through to the 
> > > > server, but I have noticed in the logs that the client is trying to 
> > > > make connections to ports up in the 3000 and 6000 range. I don't
> > > > really want to open up a whole range of port just to allow the
> > > > odd person to connect.
> > > > 
> > > > What should I be doing to try and get around this problem ?
> > > 
> > > yes it sucks, I've never found a satisfactory solution.
> > > The best workaround for me is use passive ftp (ie. 'pas'
> > > command in ftp).
> > Wrong way around.
> 
> hey? what is?  
> If Wayne was talking about problems running an ftp server then fair
> enough but that's not how I read it.

no hang on that doesn't explain it either, you use the ip_masq_ftp
module to solve it if running an ftp server.  I can ftp into my
machine fine from outside and I only have about 4 specific ports open.

Dave.


-- 
LinuxSA WWW: http://www.linuxsa.org.au/  IRC: #linuxsa on irc.linux.org.au
To unsubscribe from the LinuxSA list:
  mail linuxsa-request@linuxsa.org.au with "unsubscribe" as the subject