firewall question

[Marco A. Ramos]

As you say you have two options:

a) To force all users, to work as nonpasive method (Remenber open the data
port (tcp/20)

b) Enable the Passive method on your firewall, to made it, you have to
determine some port in your ftp server, this mean, that your ftp server must
to use an especific range of ports (for example 50000-50500) and then open
that range in your firewall. Other point it to consider that the FTP server
will send ip own IP address, for the passive connection.

Good Luck

-----Original Message-----
From: redhat-list-bounces at redhat.com
[mailto:redhat-list-bounces at redhat.com]On Behalf Of Bartosz Brewinski
Sent: Thursday, 12 May, 2005 11:30 AM
To: redhat-list at redhat.com
Subject: Odp: firewall question


Maybe "BBedit" is not configured (or can't be) for passive ftp while the
other ftp clients used in the office are using passive ftp connections ?

Maybe it would be sufficient to persuade BBedit to use passive connection
method ?

Hope this helps.

bartek

>>> jessica at mathforum.org 2005-05-12 20:21 >>>
Hi,

I set up the firewall on an old linux(7.1) server using ipchains which
allows ftp within our network. After the firewall up, some users in the
office who using Bbedit on Macintosh complained that they cannot ftp to
the server any more although there is no problem to use other ftp
programs.

My final solution is to trust the ips from those users using BBedit and
accept all from them. However, I thought this is not the best and secure
solution. Just wondering whether anybody on the list can help me figure
out the better solution.

Thanks!

Jessica

--
redhat-list mailing list
unsubscribe mailto:redhat-list-request at redhat.com?subject=unsubscribe
https://www.redhat.com/mailman/listinfo/redhat-list


--
redhat-list mailing list
unsubscribe mailto:redhat-list-request at redhat.com?subject=unsubscribe
https://www.redhat.com/mailman/listinfo/redhat-list