On 2.3.2011 03:00, John R Pierce wrote:
> On 03/01/11 5:55 PM, Markus Falb wrote:
>> On 2.3.2011 02:15, Nico Kadel-Garcia wrote:
>>> I know FTP can be a nightmare: I thought FTPS had pretty much addressed the separate data and control channel issues, or am I profoundly mistaken?
>> Running ftp over ssl is not changing the ftp protocol. SSL or not, there are the same "open up a bunch of passive ports for data channel" insanities.
> and, worse, since the control channel is encrypted, this can't be done via a port monitor that sniffs and modifies 'port' commands, so this causes problems at BOTH ends of a NAT
Could it be that the iptables ftp conntrack and nat modules do not work with ftps because of this?
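
Added example, not part of the original thread and not the netfilter modules' code: a simplified Python model of what an FTP connection-tracking/NAT helper does with control-channel segments, showing that it can act on a cleartext `PORT` command or `227` reply but has nothing to parse once the same bytes travel inside a TLS record. Function names, addresses and sample bytes are constructed for illustration.

```python
import re

# Cleartext FTP control lines that carry the data-channel endpoint (RFC 959).
PORT_RE = re.compile(rb"^PORT (\d+),(\d+),(\d+),(\d+),(\d+),(\d+)\r\n$")
PASV_RE = re.compile(rb"^227 [^(]*\((\d+),(\d+),(\d+),(\d+),(\d+),(\d+)\)")


def data_endpoint(segment: bytes):
    """Return (ip, port) if the endpoint is readable in this segment, else None."""
    m = PORT_RE.match(segment) or PASV_RE.match(segment)
    if not m:
        return None
    n = [int(x) for x in m.groups()]
    if any(v > 255 for v in n):
        return None
    return ".".join(map(str, n[:4])), n[4] * 256 + n[5]


def looks_like_tls_record(segment: bytes) -> bool:
    """TLS record header: content type 20..23 followed by version major 0x03."""
    return len(segment) >= 5 and 20 <= segment[0] <= 23 and segment[1] == 3


def nat_helper(segment: bytes, public_ip: str):
    """Model of the helper: rewrite the advertised address and return the
    data connection to expect. Unparseable segments pass through untouched
    and no expectation (pinhole) is created."""
    ep = data_endpoint(segment)
    if ep is None:
        return segment, None
    private = ep[0].replace(".", ",").encode()
    public = public_ip.replace(".", ",").encode()
    return segment.replace(private, public, 1), (public_ip, ep[1])


# Constructed samples: a cleartext passive reply, and a stand-in for the same
# reply after AUTH TLS (application-data record header plus opaque bytes).
CLEAR = b"227 Entering Passive Mode (192,168,1,10,195,80)\r\n"
ENCRYPTED = b"\x17\x03\x03\x00\x30" + bytes(48)

if __name__ == "__main__":
    for seg in (CLEAR, ENCRYPTED):
        out, expect = nat_helper(seg, "203.0.113.5")
        print(looks_like_tls_record(seg), expect, out[:48])
```
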