[OT] Proftp and Firewalls

Steve Holmes steve at holmesgrown.com
Mon Jun 21 19:18:46 EDT 2004


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

I've heard that before too but with any FTP client I've ever used, you
can only specify the main port that initiates the session; in my case
here, that would be port 7021.  Would the data port always be one
less?  Actually, if the client is initiating this, the data port would
be established by the server coming back out.  My router wouldn't care
about outgoing packets in this case.  I don't know if I have this
right or not.  I know that with firewalls, IP Masquerading, and the
like, clients running inside the network have to use pasive mode to
outside FTP's; I know that from personal experience as well as what
I've read here or there.  I just don't know about coming in from the outside.

On Mon, Jun 21, 2004 at 06:00:42PM -0400, Jayson Smith wrote:
> Actually I think ftp is supposed to use both ports 20 and 21.  Hope this
> helps.
> Jayson.
> 
> ----- Original Message -----
> From: "Steve Holmes" <steve at holmesgrown.com>
> To: <speakup at braille.uwo.ca>
> Sent: Monday, June 21, 2004 4:13 PM
> Subject: [OT] Proftp and Firewalls
> 
> 
> > -----BEGIN PGP SIGNED MESSAGE-----
> > Hash: SHA1
> >
> > Hey,  I'm wondering if and how one can run proftp on a linux server
> > behind a router.  In my case, the incoming request is port forwarded
> > to my machine running proftpd and so far, I can access the basic login
> > prompts but I cannot list directories from any outside machines.  If I
> > use a simple command line client outside, the last thing I see after
> > typing 'ls' is "port command successful" and then it just hangs.  I
> > think it's got to do with active vs passive FTP but not sure in this
> > direction.
> >
> > On my router, I have the outside port set to 7021 and the destination
> > port set to 21 and proftpd on the inside machine listens on port 21.
> > So my connections set up find.  Oh, I can access all proper functions
> > of this ftp server on my local network with no problems.  Do I have to
> > do something with the data port as well, and if so, what ot I set it
> > to?  My ISP blocks inbound FTP port 21 so that's why the high number.
> >
> > Any ideas? I hope my question makes sense.
> > - --
> > HolmesGrown Solutions
> > The best solutions for the best price!
> > http://ld.net/?holmesgrown
> > -----BEGIN PGP SIGNATURE-----
> > Version: GnuPG v1.2.3 (GNU/Linux)
> >
> > iD8DBQFA10F2WSjv55S0LfERAkoYAJwPc15EyErze/9oOLprZZ7hPXP9YgCfR/cS
> > W/mFxkYNpbQ/zNPhfRTsSZU=
> > =CNNh
> > -----END PGP SIGNATURE-----
> >
> > _______________________________________________
> > Speakup mailing list
> > Speakup at braille.uwo.ca
> > http://speech.braille.uwo.ca/mailman/listinfo/speakup
> >
> 
> 
> _______________________________________________
> Speakup mailing list
> Speakup at braille.uwo.ca
> http://speech.braille.uwo.ca/mailman/listinfo/speakup
> 
> 

- -- 
HolmesGrown Solutions
The best solutions for the best price!
http://ld.net/?holmesgrown
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (GNU/Linux)

iD8DBQFA12zTWSjv55S0LfERAp3xAKC9P26L0teqCunX0uP7LA4H+9RMQQCfQ6nk
F/hYmyztP647ywWHRGyeaT0=
=kKHc
-----END PGP SIGNATURE-----




More information about the Speakup mailing list