[TriLUG] Firewall blues...

Jon Carnes jonc at nc.rr.com
Fri Feb 15 17:38:39 EST 2002


Dude, if it works clear and free for Able (and Able isn't doing anything 
special), then the problem lays with Baker's firewall.  Is "Baker" running 
the masq_ftp module on his firewall (necessary for NAT-ing ftp properly 
though a NAT firewall).

Jon

On Thursday 14 February 2002 11:28 pm, Christopher Knowles wrote:
> On Thursday 14 February 2002 10:08 pm, Christopher Knowles wrote:
> > OK, I've got an ipchains masquerading firewall.
> >
> > I need for two remote users to be able to ftp to a server that is, and
> > must remain inside the firewall.
> >
> > I've set up the rules to allow incoming ftp and ftp-data connections.
> >
> > I've set up portforwarding to forward ftp and ftp-data connections to the
> > firewall to that server.
> >
> > Now, users Able and Baker...
> >
> > Able is a newbie, and is naked on the internet, no protection, and he can
> > ftp in just fine.  Everything is good.
> >
> > Baker, he has a linux based ipchains firewall (and I've even used a
> > Charlie with iptables to the same effect).  He can log into the ftp
> > server, but when he tries to do a dir, pasv, or cd, get etc... it just
> > hangs.  I can't find any reference to the packets soming in with the
> > logs.  (Any way to log ipmasqadm?)
> >
> > Any ideas?  I would like Baker (and Charlie) to be able to get in to the
> > ftp server.
> >
> > CJK
> > _______________________________________________
> > TriLUG mailing list
> > http://www.trilug.org/mailman/listinfo/trilug
>
> I should mention that Baker and Charlie both have the appropriate rules in
> their firewalls to allow ftp to servers such as redhat, etc...
>
> CJK
>
> _______________________________________________
> TriLUG mailing list
> http://www.trilug.org/mailman/listinfo/trilug



More information about the TriLUG mailing list