Thank you, I will check it. But is this the only possible solution? SFTP I am using only for administration purposes (yeah, it is quite easy to set it up :-D) and it's better for me to make FTPS for customers and SFTP only for me.

2009/1/26 German Andres Pulido <gpulido at gtscolombia.com>:
>> Hello,
>>
>> I am setting up ProFTPd daemon (from EPEL repository) under CentOS 5.2
>> and I need encrypted connection. Daemon is configured perfectly, there
>> is no problem - if iptables is off connection is smoothly established,
>> but when iptables is on, connection in FTP client ends on command LIST
>> without response. Last command with response (positive) is PASV.
>>
>> Thank you for your replies
>> Martin Šťastný
>
> Hi!
>
> The issue is probably with the way FTP is handled. I see two possible
> solutions:
>
> 1. Use the ip_conntrack_ftp module of IPtables. What this does is setting
> iptables aware that the data FTP connection should also be allowed since it's
> related to the original one on port 21. Google for more info on it (and the
> exact module name).
>
> 2. If you only need encrypted traffic, using SFTP makes sense. It only uses
> the port 22 (It's a subsystem of SSH) and its encryption is very good.
>
> Regards.
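Added example, not part of the original thread: a Python check of whether the data port announced in a PASV reply can get through a given INPUT chain. The rulesets, the PASV reply and the `PassivePorts 49152 49252` range are constructed, and the model assumes the control channel is TLS-encrypted (FTPS), so the FTP conntrack helper cannot read the PASV reply.

```python
import re

# Constructed iptables-save excerpt: control ports only, then reject.
RULES_BEFORE = """\
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p tcp -m tcp --dport 21 -m state --state NEW -j ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -m state --state NEW -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
"""
# Same ruleset plus a fixed passive range. Assumes proftpd.conf contains
# "PassivePorts 49152 49252" so the server only offers ports in that range.
RULES_AFTER = RULES_BEFORE.replace(
    "-A INPUT -j REJECT",
    "-A INPUT -p tcp -m tcp --dport 49152:49252 -m state --state NEW -j ACCEPT\n"
    "-A INPUT -j REJECT")
SAMPLE_PASV = "227 Entering Passive Mode (192,0,2,10,192,88)."  # constructed
PASV_RE = re.compile(r"^227 .*?\((\d+),(\d+),(\d+),(\d+),(\d+),(\d+)\)")
DPORT_RE = re.compile(r"--dport (\d+)(?::(\d+))?")

def pasv_port(reply):
    # Data port from a "227 ... (h1,h2,h3,h4,p1,p2)" reply: p1 * 256 + p2.
    m = PASV_RE.match(reply.strip())
    if not m:
        raise ValueError("not a PASV reply: %r" % reply)
    p1, p2 = int(m.group(5)), int(m.group(6))
    if p1 > 255 or p2 > 255:
        raise ValueError("port octet out of range")
    return p1 * 256 + p2

def new_tcp_allowed(rules, port):
    # First-match walk of INPUT for a NEW inbound TCP connection to `port`.
    # Simplified model: only "-p tcp --dport" ACCEPT rules and an
    # unconditional REJECT/DROP are evaluated. The RELATED rule is skipped
    # on purpose: with TLS on the control channel the helper never sees the
    # PASV port, so the data connection is not classified as RELATED.
    for line in rules.splitlines():
        parts = line.split()
        if parts[:2] != ["-A", "INPUT"] or "-j" not in parts:
            continue
        target = parts[parts.index("-j") + 1]
        m = DPORT_RE.search(line)
        if m and "-p tcp" in line and target == "ACCEPT":
            lo, hi = int(m.group(1)), int(m.group(2) or m.group(1))
            if lo <= port <= hi:
                return True
        elif not m and "--state" not in line and target in ("REJECT", "DROP"):
            return False
    return False  # no match: treated as blocked (assumes default deny)
```

With the constructed reply the data port is 49240, which the first ruleset rejects and the second accepts.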