[CentOS] ProFTPd under CentOS 5.2 running FTPS - iptables problem

Mon Jan 26 17:48:15 UTC 2009
happymaster23 <happymaster23 at gmail.com>

Thank you,

I will check it. But - is this the only possible solution?

SFTP I am using only for administration purposes (yeah, it is quite
easy to set it up :-D) and it's better for me to make FTPS for
customers and SFTP only for me.

2009/1/26 German Andres Pulido <gpulido at gtscolombia.com>:
>> Hello,
>>
>> I am setting up the ProFTPd daemon (from the EPEL repository) under CentOS 5.2
>> and I need an encrypted connection. The daemon is configured perfectly, there
>> is no problem - if iptables is off, the connection is smoothly established,
>> but when iptables is on, the connection in the FTP client ends on the LIST
>> command without a response. The last command with a (positive) response is PASV.
>>
>> Thank you for your replies
>> Martin Šťastný
>> _______________________________________________
>> CentOS mailing list
>> CentOS at centos.org
>> http://lists.centos.org/mailman/listinfo/centos
>
> Hi!
>
> The issue is probably with the way FTP is handled. I see two possible
> solutions:
>
> 1. Use the ip_conntrack_ftp module of iptables. What this does is make
> iptables aware that the FTP data connection should also be allowed since it's
> related to the original one on port 21. Google for more info on it (and the
> exact module name).
>
> 2. If you only need encrypted traffic, using SFTP makes sense. It only uses
> port 22 (it's a subsystem of SSH) and its encryption is very good.
>
> Regards.
>
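
Added example, not part of the original thread: a small Python model of what an FTP connection-tracking helper does with the PASV reply, showing that the announced data port is readable on plain FTP but not once the control channel is wrapped in TLS (FTPS), so the data connection is only accepted if a static rule opens the passive range. The sample replies, the address 192.0.2.10 and the range 50000-50100 are constructed; the range is assumed to match a `PassivePorts` setting in proftpd.conf.

```python
import re

# Text an FTP conntrack helper looks for in the server's reply to PASV:
# "227 ... (h1,h2,h3,h4,p1,p2)", where the data port is p1*256 + p2.
PASV_RE = re.compile(rb"227 [^(]*\((\d+),(\d+),(\d+),(\d+),(\d+),(\d+)\)")


def pasv_data_port(control_bytes):
    """Return the data port announced on the control channel, or None if unreadable."""
    m = PASV_RE.search(control_bytes)
    if m is None:
        return None
    return int(m.group(5)) * 256 + int(m.group(6))


def data_connection_allowed(control_bytes, dport, open_ranges=()):
    """Model the firewall decision for the client's new connection to dport.

    Accepted when the helper saw that port announced (the packet then matches
    state RELATED), or when a static rule opens a range containing the port.
    """
    if pasv_data_port(control_bytes) == dport:
        return True
    return any(lo <= dport <= hi for lo, hi in open_ranges)


# Constructed samples: the same kind of reply as seen on the wire for plain FTP
# and for FTPS (TLS application-data record header plus stand-in ciphertext).
PLAIN_REPLY = b"227 Entering Passive Mode (192,0,2,10,195,80)\r\n"
TLS_REPLY = bytes.fromhex("1703010030") + bytes(range(48))

# Assumed passive range, e.g. "PassivePorts 50000 50100" in proftpd.conf.
PASSIVE_RANGE = [(50000, 50100)]

if __name__ == "__main__":
    port = pasv_data_port(PLAIN_REPLY)
    print("plain FTP, helper only:", data_connection_allowed(PLAIN_REPLY, port))
    print("FTPS, helper only:     ", data_connection_allowed(TLS_REPLY, port))
    print("FTPS, range opened:    ",
          data_connection_allowed(TLS_REPLY, port, PASSIVE_RANGE))
```

With the range opened, the server must be restricted to the same passive ports, otherwise it may announce a port the firewall still drops.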