[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

System-config-securitylevel breaks passive FTP



During an upgrade from FC1 to FC2 I decided to add a firewall to one of our servers. I used the system-config-securitylevel tool to enable the firewall and allow through the services we need (ftp, http and ssh).

However, after enabling the firewall I found that ftp was broken. I could connect, but could not get directory listings or transfer files. Disabling the firewall caused everything to start working again.

Looking back through bugzilla I came across:

http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=111228

..which is exactly the problem I had, and enabling the ip_nat_ftp iptables module caused everything to work through the firewall again.

My question therefore is why is this not considered a bug?? Surely if someone selects to allow ftp traffic through their firewall then they should not need to make additional (and distinctly non-obvious!) changes to config files to actually allow it to work.




[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]