FTP and Firewall difficulties (SEC: UNCLASSIFIED)

Alex Satrapa grail at goldweb.com.au
Fri Jul 19 13:01:39 EST 2002

On Friday, July 19, 2002, at 08:49 , Lisman, FLGOFF Jarrad wrote:

> I soon discovered that of course an active ftp transfer will not work.

Either use passive mode, or install an FTP proxy on the firewall.  I 
believe SUSE have a "suite" of proxy products, currently consisting of 
an FTP proxy[1]. In Debian, you would just apt-get install ftp-proxy.

> ... illegal port command error that pops up everytime I try to access 
> something.

That's just FTPs way of saying that you need to use passive mode or 
install an FTP proxy.  IIRC the server is saying that it couldn't open 
the connection to the port that your machine claimed was supposed to be 
listening.  An FTP proxy solves this problem by opening up a new port 
and modifying the commands being sent to the remote server to indicate 
that it should connect to the proxy server's listening port.  That 
incoming connection is forwarded to the machine inside your own network.

But you're probably better off using passive mode.  It's safer for your 

> Can anyone see where my problem is and does anyone know what auth is and
> what it has to do with my ftping>

"auth" connections are usually handled by identd[2].  It's a means for 
remote systems to find out from your system who is responsible for 
particular activities.  Most systems that I've configured run no identd, 
or a fake identd (eg: nullidentd) that simply returns "nobody" all the 

[1] http://www.suse.de/en/support/whitepapers/proxy_suite/
[2] http://ctdp.tripod.com/os/linux/usersguide/linux_ugidentd.html
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 225 bytes
Desc: not available
Url : http://lists.samba.org/archive/linux/attachments/20020719/33d981e9/attachment.bin

More information about the linux mailing list