Firewall issues with setting up vsftp server

Doug Maurer doug at dmaurer.net
Thu Dec 16 21:02:57 UTC 2004


> Terry Linhardt wrote:
> 
> > I am attempting to set up an ftp server on an internal network. (All 
> > hosts are 192.168.1.*)  I am using vsftp, but stumbling over an 
> > iptables related issue.  Also, this is Fedora Core 3.
> >
> > vsftp is running as a stand-alone daemon. I used the "security level" 
> > icon to permit ftp traffic on the server. At that point I CAN connect 
> > from a remote client to the ftp server. I can login properly. I can cd 
> > to a directory of choice. However, as soon as I try to download data 
> > (or even do an ls), I get a message of "entering passive mode"  and 
> > then "no route to host" error message. This problem can be eliminated 
> > by going to /etc/rc.d/init.d and doing an "iptables stop", which turns 
> > off all firewall features. However as soon as I reactivate the 
> > iptables I once again get the "no route to host" message when I try to 
> > transfer data.
> >
> > I am guessing that I am getting blocked by a closed port.  I've done 
> > some research, and generally understand the concept, but don't 
> > understand how to get past what appears to be a closed port issue 
> > without opening up a large range of ports. While that may not be 
> > distasteful on my private network, it is not desirable if I eventually 
> > make this machine available to the outside world.
> >
> > Any guidance would be appreciated.
> >
> > Thanks...Terry

In /etc/sysconfig/iptables.config

add

IPTABLES_MODULES="ip_nat_ftp"

and restart iptables.

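Added example, not part of the original messages: a simplified Python model of what an FTP connection-tracking helper does with the "entering passive mode" (227) reply. It shows why the data connection is rejected without the helper and accepted as RELATED with it, with no port range opened. The addresses, port number and class/function names are constructed for illustration; this is not the kernel module's code.

```python
import re

# 227 reply per RFC 959: (h1,h2,h3,h4,p1,p2), data port = p1*256 + p2
PASV_RE = re.compile(r"^227 .*?\((\d+),(\d+),(\d+),(\d+),(\d+),(\d+)\)")
REPLY = "227 Entering Passive Mode (192,168,1,10,195,80)"  # constructed sample

def parse_pasv(line):
    """Return the (ip, port) announced by a 227 reply, or None."""
    m = PASV_RE.match(line)
    if not m:
        return None
    nums = [int(x) for x in m.groups()]
    if any(n > 255 for n in nums):
        return None
    return ".".join(map(str, nums[:4])), nums[4] * 256 + nums[5]

class Firewall:
    """Toy stateful filter: only port 21 is open; other ports need an expectation."""
    def __init__(self, server_ip, ftp_helper):
        self.server_ip = server_ip
        self.ftp_helper = ftp_helper   # models the FTP helper module being loaded
        self.expected = set()          # (client_ip, server_ip, port) predicted by helper

    def control_reply(self, client_ip, line):
        """Inspect a server-to-client line on the control connection."""
        ep = parse_pasv(line)
        # Only honour a reply that points back at the server itself
        if self.ftp_helper and ep and ep[0] == self.server_ip:
            self.expected.add((client_ip, ep[0], ep[1]))

    def new_connection(self, client_ip, dport):
        """Verdict for a new inbound TCP connection to the server."""
        if dport == 21:
            return "ACCEPT"
        key = (client_ip, self.server_ip, dport)
        if key in self.expected:
            self.expected.discard(key)  # an expectation is used once
            return "ACCEPT (RELATED)"
        return "REJECT"                 # data connection blocked, as in the report

def demo(helper):
    fw = Firewall("192.168.1.10", helper)
    client = "192.168.1.20"
    verdicts = [fw.new_connection(client, 21)]              # control channel
    fw.control_reply(client, REPLY)
    verdicts.append(fw.new_connection(client, 50000))       # announced data port
    verdicts.append(fw.new_connection("192.168.1.99", 50000))  # unrelated host
    return verdicts
```

`demo(False)` reproduces the reported behaviour (login works, data transfer is rejected), while `demo(True)` admits only the one announced data connection from the client that owns the control session.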




More information about the fedora-list mailing list