As you say you have two options: a) To force all users, to work as nonpasive method (Remenber open the data port (tcp/20) b) Enable the Passive method on your firewall, to made it, you have to determine some port in your ftp server, this mean, that your ftp server must to use an especific range of ports (for example 50000-50500) and then open that range in your firewall. Other point it to consider that the FTP server will send ip own IP address, for the passive connection. Good Luck -----Original Message----- From: redhat-list-bounces@xxxxxxxxxx [mailto:redhat-list-bounces@xxxxxxxxxx]On Behalf Of Bartosz Brewinski Sent: Thursday, 12 May, 2005 11:30 AM To: redhat-list@xxxxxxxxxx Subject: Odp: firewall question Maybe "BBedit" is not configured (or can't be) for passive ftp while the other ftp clients used in the office are using passive ftp connections ? Maybe it would be sufficient to persuade BBedit to use passive connection method ? Hope this helps. bartek >>> jessica@xxxxxxxxxxxxx 2005-05-12 20:21 >>> Hi, I set up the firewall on an old linux(7.1) server using ipchains which allows ftp within our network. After the firewall up, some users in the office who using Bbedit on Macintosh complained that they cannot ftp to the server any more although there is no problem to use other ftp programs. My final solution is to trust the ips from those users using BBedit and accept all from them. However, I thought this is not the best and secure solution. Just wondering whether anybody on the list can help me figure out the better solution. Thanks! Jessica -- redhat-list mailing list unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe https://www.redhat.com/mailman/listinfo/redhat-list -- redhat-list mailing list unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe https://www.redhat.com/mailman/listinfo/redhat-list -- redhat-list mailing list unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe https://www.redhat.com/mailman/listinfo/redhat-list
