fc3 ftp connects but not working (Solved)

Jim Cornette fc-cornette at insight.rr.com
Mon Feb 21 05:11:02 UTC 2005 

Barry Yu wrote:
> Craig White wrote:
> 
>> On Sun, 2005-02-20 at 08:57 +0800, Barry Yu wrote:
>>  
>>
>>> I connect to an XP ftp server the connection is made but can't go on 
>>> further to do anything, below are what happened;
>>>
>>> ***************
>>> [root at station-3 ~]# ftp 192.168.1.111
>>> Connected to 192.168.1.111.
>>> 220-Microsoft FTP Service
>>>   
>>> ---------------------------------------------------------------------------- 
>>>
>>>    This is XP FTP server
>>> 220 
>>> ---------------------------------------------------------------------------- 
>>>
>>> 500 'AUTH GSSAPI': command not understood
>>> 500 'AUTH KERBEROS_V4': command not understood
>>> KERBEROS_V4 rejected as an authentication type
>>> Name (192.168.1.111:root): myname
>>> 331 Password required for myname.
>>> Password: mypassword
>>> 230-Welcom to The XP FTP server
>>> 230 User myname logged in.
>>> Remote system type is Windows_NT.
>>> ftp> passive
>>> Passive mode off.
>>> ftp> ls
>>> 200 PORT command successful.
>>> 150 Opening ASCII mode data connection for /bin/ls.
>>>
>>> (The cursor just hangs for ever and not responding)
>>>
>>> *******************
>>> In my machine I have multiboot system, XP, fc1, fc3, except fc3 other 
>>> 2 O/S can connect to that ftp server and download file from it.
>>> Any advice is appreciated.
>>>   
>>
>> ----
>> seems like a firewall issue...
>>
>> insmod ipconntrack
>> insmod inconntrack_ftp
>>
>> see if those commands help
>>
>> Craig
>>
>>  
>>
> Craig you are right, it is a security issue, when I check the System 
> setting->Security Lever, the Trusted device eth0 was not checked. After 
> I check it, the ftp is working now.Tks.
> 

I believe that selecting eth0 as a trusted device opens your computer to 
  a state that is like having no firewall at all. If it goes to the 
outside world, it would not be good. To go to a local network where 
trust is not an issue, it might be safe enough to allow.

You might want to check into what allowing a device does. I believe the 
issue was discussed either on one of the early redhat lists or on our 
local lug. (About a year back).

Regarding ftp it would be great if everything was setup to work when you 
choose ftp in the securitylevel. I stop iptables myself, ftp the files 
over, then restart iptables. (computer to computer, no external 
network). I never tried adding the modules suggested above. This is 
probably the best solution for long term ftp usage.

Alexander had a good explanation regarding how the modules worked and 
references to ports about a month back.

Jim

-- 
Politics and the fate of mankind are formed by men without ideals and 
without
greatness.  Those who have greatness within them do not go in for politics.
		-- Albert Camus

More information about the fedora-list mailing list