On 2.3.2011 03:00, John R Pierce wrote: > On 03/01/11 5:55 PM, Markus Falb wrote: >> On 2.3.2011 02:15, Nico Kadel-Garcia wrote: >> >>> I know FTP can be a nightmare: I thought FTPS had pretty much >>> addressed the separate data and control channel issues, or am I >>> profoundly mistaken? >> Running ftp over ssl is not changing the ftp protocol. SSL or not, there >> are the same "open up a bunch of passive ports for data channel" insanities. > > and, worse, since the control channel is encrypted, this can't be done > via a port monitor that sniffs and modifies 'port' commands, so this > causes problems at BOTH ends of a NAT Could it be that the iptables ftp conntrack and nat modules does not work with ftps because of this ? -- Best Regards, Markus Falb
Attachment:
signature.asc
Description: OpenPGP digital signature
_______________________________________________ CentOS mailing list CentOS@xxxxxxxxxx http://lists.centos.org/mailman/listinfo/centos