[Shorewall-newbies] FTP problem
teastep at shorewall.net
Sat Dec 27 17:44:45 PST 2003
On Sun, 28 Dec 2003, gregory wrote:
> >And what do you see if you try to use a line-mode client in debugging mode to
> >connect to your server and do a directory listing? Are there any Shorewall
> >log messages issued when you try this connection?
> Haven't tried line-mode yet since I can't do it (have no access to it).
> But the ftp client still gives me this:
Sigh -- this is fine.
> < 331 Please specify the password.
> > PASS *****
> < 230 Login successful.
> > REST 1
> < 350 Restart position accepted (1).
> > REST 0
> < 350 Restart position accepted (0).
> > SYST
> < 215 UNIX Type: L8
> > PWD
> < 257 "/"
> ~ Login completed.
> > PORT 192,168,0,102,7,155
> < 500 Illegal PORT command.
> ~ Could not retrieve directory listing for "/"
You haven't correctly loaded the modules -- the IP address in the PORT
command contains the RFC1918 address of the
> I've edited the modules file to include ports 21 and 7121, but still no go.
> When I access the ftp server from within my lan, I get instantly
> connected. I also see no references in the Shorewall log.
> Help please.
The ftp NAT helper and/or conntrack helper isn't configured correctly.
Tom Eastep \ Nothing is foolproof to a sufficiently talented fool
Shoreline, \ http://shorewall.net
Washington USA \ teastep at shorewall.net
More information about the Shorewall-newbies