[Shorewall-newbies] FTP problem

Tom Eastep teastep at shorewall.net
Sun Dec 28 11:32:12 PST 2003

On Sunday 28 December 2003 11:20 am, gregory wrote:

> >>
> >>Are you telling the client shouldn't have any problems now because it
> >>was using PASV mode?
> >
> >That's correct.
> But passive mode doesn't work.
> >>The client is able to establish a connection and can even log in, yet
> >>can't get a directory listing.
> >
> >The information at the beginning of http://www.shorewall.net/FTP.html
> > clearly (I hope) explains that logging into an FTP server and
> > transferring data to/from that server (including directory listings) use
> > different connections.
> >
> >>Using the ftp CLI command the client was able to write something to the
> >>ftp server as well, but can't get a directory listing.
> >>Weird.
> >
> >Do you see any Shorewall messages when you try the directory listing?
> No.

Then assuming that you haven't hosed up Shorewall logging, your server side 
configuration is correct.

If you want to capture a tcpdump/ethereal trace, I'll try to find the time to 
look at it.

tcpdump -s 2048 -w <tracefile> -ni <ext if> host <ip address of client>

Tom Eastep    \ Nothing is foolproof to a sufficiently talented fool
Shoreline,     \ http://shorewall.net
Washington USA  \ teastep at shorewall.net

More information about the Shorewall-newbies mailing list