
Re: ftp from Red Hat AS 4.4 to Open VMS System

This iptables entry works for what I am doing.


Gaddis, Jeremy L. wrote:
On 12/11/06, Troy Knabe <knabe 4j lane edu> wrote:
Thanks to everyone who responded.  When you do an ls or dir on a remote
host, it creates a "new" connection back to the server, so it is not
persistent.  It appears to be grabbing a random port in the 53*** area.

Such is the nature of the FTP protocol.

Is there syntax in iptables to allow all ports from a host over port 1024?

Try "iptables -A INPUT -p tcp -s A.B.C.D/ --dport 1024:65535 -j ACCEPT"

I also had to issue the *passive* command once connected before I could
run an ls or dir.

"passive" indicates that the FTP client initiates the data connection
to the server, while using "active" mode (normally the default) the
FTP server initiates the data connection back to the client (which can
present problems if there is a firewall active).
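
Added example, not part of the original thread: the data port behind each "new" connection is negotiated on the control channel as h1,h2,h3,h4,p1,p2 (port = p1*256 + p2), and the command used decides which side dials. The sketch below parses both forms and reports which port, if any, the client's INPUT chain has to accept; the addresses and control lines are constructed, and the function names are hypothetical.

```python
import re

# Six comma-separated decimal fields: h1,h2,h3,h4,p1,p2 (RFC 959).
SIX = r"(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3})"
PORT_RE = re.compile(r"^PORT " + SIX + r"\s*$")   # sent by client: active mode
PASV_RE = re.compile(r"^227 [^0-9]*" + SIX)       # sent by server: passive mode


def data_endpoint(line, peer_ip):
    """Parse one control-channel line.

    peer_ip is the host expected to listen: the client for PORT,
    the server for a 227 reply. Returns (mode, listener_port, initiator),
    or None if the line negotiates no data connection.
    """
    for mode, regex, initiator in (("active", PORT_RE, "server"),
                                   ("passive", PASV_RE, "client")):
        m = regex.match(line)
        if m is None:
            continue
        fields = [int(x) for x in m.groups()]
        if max(fields) > 255:
            raise ValueError("field out of range in %r" % line)
        ip = ".".join(map(str, fields[:4]))
        # Only accept an address that matches the control-channel peer.
        if ip != peer_ip:
            raise ValueError("advertised %s, control peer is %s" % (ip, peer_ip))
        return mode, fields[4] * 256 + fields[5], initiator
    return None


def inbound_port_on_client(line, client_ip, server_ip):
    """Port the client's INPUT chain must accept for this transfer, or None."""
    peer = client_ip if line.startswith("PORT") else server_ip
    parsed = data_endpoint(line, peer)
    if parsed is None or parsed[2] == "client":
        return None          # passive: the client dials out, nothing new inbound
    return parsed[1]         # active: the server connects back to this port


# Constructed control-channel lines (documentation addresses, not from the thread).
CLIENT, SERVER = "192.0.2.10", "198.51.100.5"
ACTIVE_LINE = "PORT 192,0,2,10,208,57"
PASSIVE_LINE = "227 Entering Passive Mode (198,51,100,5,195,80)"

if __name__ == "__main__":
    for line in (ACTIVE_LINE, PASSIVE_LINE, "LIST"):
        print(line, "->", inbound_port_on_client(line, CLIENT, SERVER))
```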

