FTP and Firewall difficulties (SEC: UNCLASSIFIED)
Alex Satrapa
grail at goldweb.com.au
Fri Jul 19 13:01:39 EST 2002
On Friday, July 19, 2002, at 08:49 , Lisman, FLGOFF Jarrad wrote:
> I soon discovered that of course an active ftp transfer will not work.
Either use passive mode, or install an FTP proxy on the firewall. I
believe SUSE have a "suite" of proxy products, currently consisting of
an FTP proxy[1]. In Debian, you would just apt-get install ftp-proxy.
> ... illegal port command error that pops up everytime I try to access
> something.
That's just FTPs way of saying that you need to use passive mode or
install an FTP proxy. IIRC the server is saying that it couldn't open
the connection to the port that your machine claimed was supposed to be
listening. An FTP proxy solves this problem by opening up a new port
and modifying the commands being sent to the remote server to indicate
that it should connect to the proxy server's listening port. That
incoming connection is forwarded to the machine inside your own network.
But you're probably better off using passive mode. It's safer for your
network.
> Can anyone see where my problem is and does anyone know what auth is and
> what it has to do with my ftping>
"auth" connections are usually handled by identd[2]. It's a means for
remote systems to find out from your system who is responsible for
particular activities. Most systems that I've configured run no identd,
or a fake identd (eg: nullidentd) that simply returns "nobody" all the
time.
HTH
Alex
[1] http://www.suse.de/en/support/whitepapers/proxy_suite/
[2] http://ctdp.tripod.com/os/linux/usersguide/linux_ugidentd.html
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 225 bytes
Desc: not available
Url : http://lists.samba.org/archive/linux/attachments/20020719/33d981e9/attachment.bin
More information about the linux
mailing list