[CentOS] ftp firewall/iptables
Jeff Lasman
blists at nobaloney.net
Fri Jul 8 00:54:36 UTC 2005
On Thursday 07 July 2005 04:55 pm, Dave wrote:
> I just installed CentOS4 on my main server. It runs proftpd and is
> not NATted..
>
> When I did the install I said to allow FTP and HTTP. I can ftp from
> windows dos ftp client.
>
> In IE I get "Unable to build data connection: No route to host"
>
> ncftp I get..
> Data connection timed out.
> Falling back to PORT instead of PASV mode.
> List failed.
You might want to look at the thread I started yesterday:
ftp daemon problem
I got some good help there from Barry Brimer.
I did a bit of research on the 'net and discovered that my firewall (I
use the "kiss" firewall, it's available on the net and is a front-end
for creating a netfilter firewall using iptables)...
... was attempting to load:
ip_conntrack_ftp.o
which no longer exists; it's been renamed:
ip_conntrack_ftp.ko
So I changed one line in the kiss firewall, to load the right file, and
presto, ftp works fine in both active and passive mode.
Thanks, Barry, for leading me in the right direction, and I hope this
helps you.
Jeff
--
Jeff Lasman, Nobaloney Internet Services
1254 So Waterman Ave., Suite 50, San Bernardino, CA 92408
Our blists address used on lists is for list email only
Phone +1 909 266-9209, or see: "http://www.nobaloney.net/contactus.html"
More information about the CentOS
mailing list