RE: Allow active and passive FTP connections

On Mon, 21 Jun 2004, Sagara Wijetunga wrote:

> --- "Piszcz, Justin Michael"
> <justin.piszcz@xxxxxxxxxxxx> wrote:
> > If you find one (that works with TLS/SSL), please
> > let me know :)
> > Sorry I have not seen one as of yet.
> >
> I wonder whether it is an issue with the conntrack module or
> the FTP server. Maybe Jozsef Kadlecsik could shed
> some light on this.

The FTP server encrypts the command channel, so the kernel cannot figure
out on which port the server (passive) or client (active) will listen for
the data channel.

> If the FTP server side has to be fixed, I could take
> it up with the FTP server folks.

Currently there is no solution. When nfnetlink-ctnetlink is completed,
the FTP server could be patched to notify the kernel on the data ports it
wants to open or connect to, which would solve the problem.

As an alternative, you could use sftp instead.

Best regards,
Jozsef
-
E-mail  : kadlec@xxxxxxxxxxxxxxxxx, kadlec@xxxxxxxxxxxxxxx
PGP key : http://www.kfki.hu/~kadlec/pgp_public_key.txt
Address : KFKI Research Institute for Particle and Nuclear Physics
          H-1525 Budapest 114, POB. 49, Hungary
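
The point made in the reply above, as an added example (not code from this thread or from the netfilter FTP helper): a simplified Python sketch of the command-channel parsing a connection-tracking helper depends on, run over constructed plaintext and TLS-wrapped payloads. The function names, addresses, ports and the hash-based stand-in for ciphertext are assumptions made for illustration.

```python
import hashlib
import re

# h1,h2,h3,h4,p1,p2 address tuple used by PORT commands and 227 replies (RFC 959)
_TUPLE = re.compile(rb"(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3})")

def expected_data_endpoint(payload: bytes):
    """Return (mode, listener_ip, port) if the payload announces a data channel."""
    line = payload.split(b"\r\n", 1)[0]
    if line.upper().startswith(b"PORT "):
        mode, m = "active", _TUPLE.fullmatch(line[5:].strip())   # client listens
    elif line.startswith(b"227 "):
        mode, m = "passive", _TUPLE.search(line)                 # server listens
    else:
        return None
    if m is None:
        return None
    nums = [int(g) for g in m.groups()]
    if max(nums) > 255:
        return None
    return mode, ".".join(map(str, nums[:4])), nums[4] * 256 + nums[5]

def expectations(segments):
    """Collect every data-channel endpoint visible in command-channel payloads."""
    return [e for e in map(expected_data_endpoint, segments) if e is not None]

def tls_record(plaintext: bytes) -> bytes:
    """Constructed stand-in for a TLS application-data record: header + opaque body.
    The body is a hash, not real encryption; it only models unreadable bytes."""
    body = hashlib.sha256(plaintext).digest()
    return b"\x17\x03\x03" + len(body).to_bytes(2, "big") + body

# Constructed sample sessions (documentation addresses, made-up ports).
PLAIN = [b"USER demo\r\n", b"PASV\r\n",
         b"227 Entering Passive Mode (192,0,2,10,195,80)\r\n",
         b"PORT 198,51,100,7,156,64\r\n"]
# After AUTH TLS the same commands travel inside TLS records.
OVER_TLS = [b"AUTH TLS\r\n", b"234 Proceed with negotiation.\r\n"] + \
           [tls_record(s) for s in PLAIN]

if __name__ == "__main__":
    print("plaintext:", expectations(PLAIN))
    print("over TLS :", expectations(OVER_TLS))
```

With the plaintext session the parser yields both data endpoints, so a firewall can open exactly those ports; with the TLS session it yields none, which is why the data connection cannot be matched as related.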