[ale] ftp error
Joe Steele
joe at madewell.com
Mon Jul 26 10:37:26 EDT 1999
I probably should have said that you needed to "break" the
firewall, rather than fix it. I have heard it argued that
you are weakening your security by opening up your firewall
to allow non-passive ftp traffic.
How to change your firewall rules depends on your kernel
version. I know that 2.0.x versions use ipfwadm. I believe
later kernels use ipchains. Check the man pages for how to
use these commands. In your case, listing your present rules
would be a starting point. The Firewall-HOWTO has more useful
information.
If you use a masquerading firewall, then you must do more to
make non-passive ftp connections work. For 2.0.x kernels,
there is a ip_masq_ftp.o module that must be loaded (once
again, I'm talking about non-passive connections only). I
don't know about later kernels. The IP Masquerade Mini-HOWTO
covers some of these issues.
As an alternative to what I've said above, you could do one
of the following:
1) Use a web browser for ftp access. They apparently use
passive mode (at least for downloading, which is all I have
ever used them for). Search the browser's help file for
"ftp" for specifics on logging in, uploading, etc.
2) Get a different ftp client which can use passive mode.
A free windows client for non-business use is available at "http://www.ipswitch.com/cgi/download_eval.pl?product=WL-1000".
There probably are others available as well if you search
for them.
3) Set up a proxy server for your ftp traffic through your
firewall. This is more work than the previous 2 options
(also covered in the Firewall-HOWTO).
-- Joe Steele
-----Original Message-----
From: Rjey Nomer [SMTP:rjeynomer at asia.com]
Sent: Monday, July 26, 1999 6:01 AM
To: ale at ale.org
Cc: Joe Steele
Subject: RE: RE: [ale] ftp error
------Original Message------
From: Joe Steele <joe at madewell.com>
To: "'Rjey Nomer'"<rjeynomer at asia.com>
Sent: July 24, 1999 11:39:20 PM GMT
Subject: RE: [ale] ftp error
Most likely a firewall is interfering with the initiation of a data
connection from the server back to the client. FTP connections
through masquerading firewalls can also lead to problems.
Many ftp clients have an option for using "passive ftp mode"
which solves the problem. I don't know if the ftp client that
comes with Windows 95 can use passive mode. You may
need better software (best solved by getting rid of windows :))
or else fix the firewall problem.
Joe Steele
HI...
Just like what you've said; fix the firewall problem; is it the hosts.allow
or what other file/s should I edit to get rid of our problem...
Again Thank you in advanced!!!
-----Original Message-----
From: Rjey Nomer [SMTP:rjeynomer at asia.com]
Sent: Friday, July 23, 1999 11:42 PM
To: ale at ale.org
Subject: [ale] ftp error
Hi!
I get an error while I'm accessing my ftp server. The error message is
listed below:
ftp>ls
500 Illegal PORT Command
425 Can't built data connection: Connection Refused.
ftp>
Thus anyone encounter this problem. By the way I can login in my account but
the problem are the same whe I type any command. I also using windows 95 to
access our ftp server.
Thank You In Advanced.
=-=-=-=-=-=
RJEY NOMER
=-=-=-=-=-=
__________________________________________________
FREE Email for ALL! Sign up at http://www.mail.com
__________________________________________________
FREE Email for ALL! Sign up at http://www.mail.com
More information about the Ale
mailing list